Review: Cyber Guerilla

About the authors

Jelle Van Haaster is an officer in the Royal Netherlands Army and has a background in legal, military, and technical defense matters.

Rickey Gevers is currently Chief Intelligence Officer at the security firm Redsocks. He has been responsible for numerous revelations regarding high-profile security incidents.

Martijn Sprengers is an IT security advisor and professional penetration tester who is specialised in conducting covert cyber operations.

Inside Cyber Guerilla

“Cyber guerilla is a conviction that smaller forces can rival larger forces in our networked society,” say the authors.

Cyber guerrilla attacks against bigger and better equipped opponents – States, (large) corporations, and other actors – are usually mounted by hacker groups that may or may not be parts of a larger (non-cyber) organization. They are not interested in earning money, but to fight against oppression (in any form) and (usually) Internet censorship.

This book is effectively a how-to manual that covers all the most important aspects of setting up an effective hacker group that means to engage in cyber guerrilla incursions:

• The importance of choosing the right individuals to make part of it (whether it’s a matter of ideology or skill), and how to ultimately disband the group safely
• Having a set goal, choosing a good leader, a good strategy and being well organized
• Being stealthy and flexible and avoiding direct confrontation with those bigger opponents
• Choosing the most effective tools, techniques and tactics to pull off operations
• Having a good media strategy, and more.

The book is based on Che Guevara’s famous Guerrilla Warfare guidebook for guerrilla fighters around the world. Both books contain 3 chapters and appendices. The chapters deal with the general principles of cyber guerrilla, the creation of the ideal hacker group, and the organization of operations. The appendices offer an analysis of past and existent hacker groups (Anonymous, LulzSec, etc.), their strengths and weaknesses, as well as opinions by the authors about the future of the subject addressed in each chapter.

The first two chapters will give cyber defenders a peek into the mind of this particular type of hacker, while the third one is a good source of attack scenarios that will serve them to perhaps consider things they’ve never considered before.

The main audience, though, are individuals who are looking to engage in cyber guerrilla attacks – to fight against cyber Goliaths.

The authors occasionally repeat themselves too much, but that’s not a huge problem, as the book is an interesting and relatively short read. I just wish they used the original spelling of the word guerrilla.