After a few weeks on public transportation, I have finished the book:
Additional authors: Troy J. Caeti, D. Kall Loper, Eric J. Fritsch, John Liederbach
Aside from two minor flaws, I highly recommend this book to all libraries and to people who are interested in computer crime, hacking, or law enforcement. This book is written in plain English and is quite accessible and well documented. They have endnotes for every chapter and a good index at the back. In addition, it carries a number of illustrations and charts that supplement the text. Finally each chapter has a number of case studies in sidebars, mostly taken from DOJ’s Cybercrime.gov site that provide concrete examples of the crime theories the authors set out.
In the introduction the authors set as their task a book that would be a primer on computer science for law enforcement personnel and a primer on basic investigative procedures and prosecutions for computer scientists. I am neither a law enforcement officer or a computer scientist, but I believe I gained insight into both disciplines. As a result, I think the authors have achieved their purpose.
While the book as a whole is mostly well written, I found the chapters explaining hacker subcultures (ch 4) and how search warrants worked ( ch 11 ) to be the most engaging. Other chapters on theories of criminality and the different classes of computer crime also made for engaging reading.
I mentioned two minor flaws. These are flaws in my opinion which you might not agree with, but I felt I should share with you anyway. First, you can easily tell this is a book with multiple authors. The tone of the book, particularly when dealing with either terrorism or the magnitude of economic losses to computer crime can shift very quickly and become alarmist. Often one sees some estimate of economic loss, a paragraph that indicates that such estimates are little more than random guesswork, and then nearly a full page on how while the problem cannot be meaningfully measured, it is far worse than we can imagine and immediate action is required to fix it. Or the book goes from stating that there are no firmly documented instances of terrorist cyberattacks and then asserts with no solid examples that al-Qaeda and the Chinese government have repeatedly attacked US government and military web servers. At these times, this reader feels like one is listening to two or three authors argue over the seriousness of the problem. But most of the book doesn’t read this way.
The other minor flaw in the book is that it fails to put economic losses in the context of the US economy. Several times in the book they quote estimates that losses due to computer crime in this country total roughly $10 Billion/year (see page 354, for example). Because of this fact, “Dogmatism and traditional beliefs that “this is not a problem” must be set aside and replaced with an aggressive policy to address these trends. ” Throughout the book the “aggressive policy” is set in terms of yet more new laws and closer monitoring of the Internet. But let’s take the $10 B/year at their word. While this sounds like a lot, it pales beside the US Gross Domestic Product, which was estimated to be $13,755.9 billion in second quarter 2007, according to the Bureau of Economic Statistics. The $10 Billion a year that is seen as a *huge* problem is $0.07% of 2007 GDP. To put it another way, the rough estimate of computer crime in this is country is nine billion dollars less than what Americans spent on coffee in 2004. I’m not trying to excuse computer crime, but I am making the case that making it a priority might be misguided, especially in light of all of the crimes against life and health that take place in this country every year.
Overall though, this book is a solid explanation of computer crime, computer criminals and how computer crime is detected and prosecuted. If your patrons have an interest in computer crime or how law enforcement treats it, this book is for you.