Book Review – Blackhatonomics

Syngress was kind enough to provide a free copy of this book for me to review.

Blackhatonomics was an interesting book to read. As one gets older and more skilled in one’s field, the portions of books that are new become smaller and smaller. I had high hopes that this would be a detailed dive into the economics of criminal activity and, in that, I was disappointed. There is little here that was new to me. I didn’t get into the content I wanted until Chapter 8 – “Pawns and Mules” and then stuff got good in Chapter 9 – “Globalization: Emerging Markets Aren’t Just for Traditional Investors Anymore”.  Chapter 10 then discusses crime in America and Chapter 11 focuses on the world.  Then, alas, we’re at the conclusion.

Really, what I had hoped for was a text written by an economics expert giving people familiar with cybercrime some detail as to how micro- and macro- economics work in that space.  What I got was a book aimed at people unfamiliar with both cybercrime and economics. This isn’t bad.  It’s a good book for people who are just getting started.  It’s just not quite what I was looking for.

I’ve stopped rating books. It’s unfair to the authors to ding them because their book didn’t meet my expectations when the book is marketed by someone else entirely. Really, this book is a good intro for a lot of people. If you have less than two years in the Security industry or have never actually worked a hacking-for-profit case, it’d be good for you.  If, however, you have a ton of experience and have worked with law enforcement to help your client, there’s little in here that’s new.

And really, that’s not the authors’ fault. What I want is up-to-date information about criminal economics, but the economic data of current crime is often locked up in court and spread across numerous countries and jurisdictions. Can we guess at trends? Sure.  Can we plug data into economic models and demonstrate what’s going on? Not really. We can solve this by creating economics models. I’ve been toying with playing with ideas from Complexity theory and considering running scenarios using cellular automata to model different economic models in worlds where there is a theft component. I was hoping that this book would have done the research so I wouldn’t have to. That was, in retrospect, a rather ridiculous expectation.

So in the end. the question is “do I read it, do I ignore it or do I get it from a library?”

If you are just starting in your career, read it.  It has good data and will help get you started.

If you’ve been at this for a while but are not directly involved in law enforcement, get it from a library. Skim chapter 8. Read chapters 9 through 11.

If you’re involved in law enforcement, there is likely little in this book that will help you.  You can skip it.