In the last 30 years or so, cybersecurity has gone from being a niche specialty within the larger field of computer science, to an industry estimated to be worth more than $170 billion made of a globe-spanning community of hackers. In turn, the industry’s growth, and high-profile hacks such as the 2015 Sony breach, the 2016 U.S. election hack and leak operations, the Colonial Pipeline ransomware attack, and a seemingly endless list of Chinese government hacks, have made cybersecurity and hacking go mainstream.
Pop culture has embraced hackers with hit TV shows like Mr. Robot, and movies like Leave The World Behind. But perhaps the most prolific medium for cybersecurity stories — both fiction and based on reality — are books.
We have curated our own list of best cybersecurity books, based on the books we have read ourselves, and those that the community suggested on Mastodon and Bluesky.
This list of books (in no particular order) will be periodically updated.
Countdown to Zero Day, Kim Zetter
The cyberattack coordinated by Israeli and U.S. government hackers known as Stuxnet, which damaged the centrifuges at the Iranian nuclear facility in Natanz, is almost certainly the most well-known hack in history. Because of its impact, its sophistication, and its sheer boldness, the attack captured the imagination not only of the cybersecurity community, but the larger public as well.
Veteran journalist Kim Zetter tells the story of Stuxnet by treating the malware like a character to be profiled. To achieve that, Zetter interviews virtually all the main investigators who found the malicious code, analyzed how it worked, and figured out what it did. It’s a must read for anyone who works in the cyber field, but it also serves as a great introduction to the world of cybersecurity and cyberespionage for regular folks.
Dark Wire, Joseph Cox
There haven’t been any sting operations more daring and expansive than the FBI’s Operation Trojan Shield, in which the feds ran a startup called Anom that sold encrypted phones to some of the worst criminals in the world, from high-profile drug smugglers to elusive mobsters.
Those criminals thought they were using communication devices specifically designed to avoid surveillance. In reality, all their supposedly secure messages, pictures, and audio notes were being funneled to the FBI and its international law enforcement partners. 404 Media journalist Joseph Cox masterfully tells the story of Anom, with interviews with the sting operation’s masterminds in the FBI, the developers and workers who ran the startup, and the criminals using the devices.
The Cuckoo’s Egg, Cliff Stoll
In 1986, astronomer Cliff Stoll was tasked with figuring out a discrepancy of $0.75 in his lab’s computer network usage. At this point, the internet was mostly a network for government and academic institutions, and these organizations paid depending on how much time online they spent. Over the next year, Stoll meticulously pulled the threads of what seemed like a minor incident and ended up discovering one of the first-ever recorded cases of government cyberespionage, in this case carried out by Russia’s KGB.
Stoll not only solved the mystery, but he also chronicled it and turned it into a gripping spy thriller. It’s hard to understate how important this book was. When it came out in 1989, hackers were barely a blip in the public’s imagination. The Cuckoo’s Egg showed young cybersecurity enthusiasts how to investigate a cyber incident, and it showed the wider public that stories about computer spies could be as exciting as those of real-life James Bond-like figures.
Your Face Belongs to Us, Kashmir Hill
Face recognition has quickly gone from a technology that seemed all-powerful in movies and TV shows — but was actually janky and imprecise in real-life — to an important and relatively accurate tool for law enforcement in its daily operations. Longtime tech reporter Kashmir Hill tells the history of the technology through the rise of one of the controversial startups that made it mainstream: Clearview AI.
Unlike other books that profile a startup, at least one of Clearview AI’s founders partially engaged with Hill in an attempt to tell his own side of the story, but the journalist did a lot of work to fact-check — and in some cases debunk — some of what she heard from her company sources. Hill is the best positioned writer to tell the story of Clearview AI after first revealing its existence in 2020, which gives the book an engaging first-person narrative in some sections.
Cult of the Dead Cow, Joseph Menn
Investigative cyber reporter Joseph Menn tells the incredible true back story of the influential Cult of the Dead Cow, one of the oldest hacking supergroups from the ’80s and ’90s, and how they helped to transform the early internet into what it has become today. The group’s members include mainstream names, from tech CEOs and activists, some of whom went on to advise presidents and testify to lawmakers, to the security heroes who helped to secure much of the world’s modern technologies and communications.
Menn’s book celebrates both what the hackers achieved, built, and broke along the way in the name of bettering cybersecurity, freedom of speech and expression, and privacy rights, and codifies the history of the early internet hacking scene as told by some of the very people who lived it.
Hack to the Future, Emily Crose
“Hack to the Future” is an essential read for anyone who wants to understand the incredible and rich history of the hacking world and its many cultures. The book’s author, Emily Crose, a hacker and security researcher by trade, covers some of the earliest hacks that were rooted in mischief, through to the modern day, with no detail spared on the decades in between.
This book is deeply researched, well represented, and both part-history and part-celebration of the hacker community that morphed from the curious-minded misfits whistling into a telephone to score free long-distance calls, to becoming a powerful community wielding geopolitical power and featured prominently in mainstream culture.
Tracers in the Dark, Andy Greenberg
The concept of cryptocurrency was born in 2008 a white paper published by a mysterious (and still unknown) figure called Satoshi Nakamoto. That laid the foundation for Bitcoin, and now, almost 20 years later, crypto has become its own industry and embedded itself in the global financial system. Crypto is also very popular among hackers, from low-level scammers, to sophisticated North Korean government spies and thieves.
In this book, Wired’s Andy Greenberg details a series of high-profile investigations that relied on following the digital money through the blockchain. Featuring interview with the investigators who worked on these cases, Greenberg tells the behind the scenes of the takedown of the pioneering dark web marketplace Silk Road, as well as the operations against dark web hacking marketplaces (Alpha Bay), and the “world’s largest” child sexual abuse website called “Welcome to Video.”
Dark Mirror, Barton Gellman
Over a decade ago, former NSA contractor Edward Snowden blew wide open the vast scale of the U.S. government’s global surveillance operations by leaking thousands of top secret files to a handful of journalists. One of those journalists was Barton Gellman, a then-Washington Post reporter who later chronicled in his book Dark Mirror the inside story of Snowden’s initial outreach and the process of verifying and reporting the cache of classified government files provided by the whistleblower.
From secretly tapping the private fiber optic cables connecting the datacenters of some of the world’s biggest companies, to the covert snooping on lawmakers and world leaders, the files detailed how the National Security Agency and its global allies were capable of spying on almost anyone in the world. Dark Mirror isn’t just a look back at a time in history, but a first-person account of how Gellman investigated, reported, and broke new ground on some of the most influential and important journalism of the 21st century, and should be required reading for all cyber journalists.
