Over the past 30 years or so, cybersecurity has become an industry that is estimated to be worth more than $170 billion, created by a community of hackers across the globe. Second, industry growth and notable hacking have become mainstream for cybersecurity and hacking, including Sony breaches in 2015, US election hacks and leak operations in 2016, colonial pipeline ransomware attacks, and a seemingly endless list of Chinese government hacking.
Pop culture has embraced hackers with hit TV shows like Mr. Robot and movies like Leave the World. But perhaps the most prolific medium for cybersecurity stories – based on fiction and reality – is a book.
We curated our own list of the best cybersecurity books based on books we read ourselves and the books our community proposed in Mastodon and Bluesky.
This book list (without a specific order) is updated regularly.
Countdown to Zero Day, Kimzetter
The cyberattack, coordinated by Israeli and US government hackers who damaged centrifuges at Natanz's Iranian nuclear facility, is arguably the most famous hack in history. Because of its impact, refinement and pure audacity, the attack captured the imagination of not only the cybersecurity community but the larger public.
Veteran journalist Kim Zetter tells the story of stuxnet by treating malware like a character who profiles it. To achieve that, Zetter finds malicious code, analyzes how it worked, and interviews all the key investigators who understand what it did. It's something that anyone who works in the cyber field should read, but it also serves as a great introduction to the world of cybersecurity and cyberepion for normal people.
Dark Wire, Joseph Cox
There was no more bolder and vast stab wound operations than the FBI's Trojan Shield's strategy. This led the federal government to run a startup called Anom, which sold encrypted mobile phones to the world's worst criminals.
These offenders believed they were using communication devices specifically designed to avoid surveillance. In reality, perhaps all of the safe messages, photos and audio notes were poured into the FBI and its international law enforcement partners. 404 media journalist Joseph Cox brilliantly tells Anom's story in an interview with Sting Operation's FBI, the developers and workers who ran the startup, and the masterminds with criminals using devices.
Cuckoo egg, cliff stole
In 1986, astronomer Cliffstall was tasked with grasping $0.75 inconsistencies in the use of the lab's computer network. At this point, the Internet was primarily a network of government and academic institutions, and these organizations paid according to the time spent online. The following year, Stoll meticulously pulled the threads of what appeared to be a minor incident and discovered one of the first recorded cases of the government's cyberepion. In this case, the Russian KGB implemented it.
Not only did Stoll solve the mystery, he also documented it and turned it into a fascinating spice thriller. It is difficult to underestimate how important this book is. When it was published in 1989, hackers were barely a blip of the national imagination. The Cuckoo Egg showed young cybersecurity enthusiasts how to investigate cyber incidents, showing more people that stories about computer espionage can be as exciting as real-life James Bond-like figures.
Your face belongs to our Kashmir Hill
Face recognition has become an important and relatively accurate tool for law enforcement in everyday work, from technology that appears to have been fully committed in films and TV shows to technology that was actually inaccurate in yanki in real life. Longtime tech reporter Kashmir Hill talks about the history of technology through the rise of Clearview AI, one of the controversial startups.
Unlike other books that profile startups, at least one of the founders of Clearview AI was partially involved with Hill to tell his own aspects of the story, but the journalist did a lot of work to check the facts – and in some cases did some of what she heard from company sources. Hill is the perfect writer to tell the story of Clearview AI after first revealing its existence in 2020.
Joseph Men, a Dead Cow Cult
Research Cyber Reporter Joseph Meng tells the incredible true backstory of one of the oldest hacking supergroups of the '80s and '90s, the influential cult of dead cows, and how it helped transform the early internet into the internet of today. Members of the group included mainstream names from high-tech CEOs and activists, some of whom advised the president, testified to lawmakers, and testified to security heroes who helped ensure much of the world's modern technology and communications.
Men's book codifies the history of the early internet hacking scene, as some of the very people who lived it, have said, have said, that hackers improve cybersecurity, improve freedom of speech and expression and the right to privacy, and celebrate both accomplished, built and broken.
Emily Claus, hack for the future
“Hacking to the Future” is an essential reading for anyone who wants to understand the world of hacking and the incredibly rich history of its many cultures. The book author, Emily Krath, trade hacker and security researcher, covers some of the earliest hacks rooted in mischief.
The book is deeply studied and well-represented, and is both a partial history and partial blessing of the hacker community that transforms from curiosity mindless misfits into telephones to get free long distance calls, becoming a powerful community that wields geopolitical powers, and is prominently characterized by mainstream culture.
Tracers in the Dark, Andy Greenberg
The concept of cryptocurrency was born in 2008, and a white paper was published by a mysterious (and still unknown) person called Nakamoto At. It laid the foundation for Bitcoin, and now almost 20 years later, Crypto has become its own industry, embedded in the global financial system. Crypto is also extremely popular among hackers, from low-level scammers to sophisticated North Korean government spies and thieves.
In this book, Andy Greenberg of Wired details a series of well-known research relying on following digital money through blockchain. Featuring interviews with investigators who worked on these cases, Greenberg talks about his behind the scenes of the takedown of the pioneering Dark Web Marketplace Silk Road, as well as operations on the Dark Web Hacking Marketplace (Alphabey), and the “world's largest” child sexual abuse website called “Welcome To Video.”
Dark Mirror, Burton Gelman
More than a decade ago, former NSA contractor Edward Snowden leaked thousands of secret files to a few journalists, blew the vast scale of the US government's global surveillance business. One of those journalists was Burton Gelman, a Washington postreporter at the time. He later recorded the internal stories of Snowden's first outreach in his book, Dark Mirror, and the process of verifying and reporting the cache of classified government files provided by whistleblowers.
From secretly tapping private fiber cables that connect the data centers of the world's largest companies to secret snooping that keeps lawmakers and world leaders secret, the file details how the National Security Agency and its global allies can spy on almost anyone in the world. Dark Mirror is not only a look back at one time in history, but also a first-person account of how Germanic researched, reported and broken in some of the most influential and important journalism of the 21st century, and should be something that all cyber journalists should read.