Money is kind of a big deal. I don’t particularly like this fact, but I would be a fool not to acknowledge it. For the majority of my life, money has been more digital than paper-based, even though a fully qualified digital currency in Canadian or US dollars still has yet to materialize. I have never owned a paper chequebook in my name, and almost all of my payments are online or through a chip-and-pin debit card. So I was very curious to learn more about the potential security issues around e-commerce and digital transactions in The Unhackable Internet. Thomas P. Vartanian brings decades of experience in the finance world and the law to chart out some of the biggest dangers along with possible solutions. NetGalley and publisher Rowan and Littlefield provided me with an eARC in exchange for a review.
Vartanian’s thesis is simple: the internet as it is currently configured is ferociously insecure to the point where it would be extremely easy for a bad actor to compromise vital infrastructure or threaten the integrity of the global economy. He offers up numerous historical examples of cybersecurity incidents. The same week I was reading this, Indigo—Canada’s largest retail bookseller—was hacked, forcing it to pull its website offline and suspend non-cash transactions at its stores. I bet that cost them billions. What happens when it’s a bank, a hospital, the electrical grid? Vartanian’s solution is elegant: scrapping the internet and starting from scratch is not feasible, but we should be able to graft more secure, isolated networks to the existing internet. Safe bubbles, if you will, where access from the overall internet is tightly controlled, and identity and authorization within the bubble is paramount.
I don’t actually disagree with Vartanian’s analysis. As I noted above, this has become commonplace. Vartanian criticizes the average consumer’s apathy towards security breaches, which might rankle some readers, but he’s just trying to make a point that our apathy engenders complacency among these corporations. It’s clear that Vartanian is a much firmer believer in, say, capitalism and the free market, than I am, yet even he’s advocating for the government to step in and regulate and centralize some of this decision-making.
Vartanian is quite hawkish towards China. Pretty much every warning he delivers in this book is framed in terms of China doing something awful, either towards its own people or towards democratic countries like the US. Don’t get me wrong—China is not a paragon of a place, especially considering its treatment of minority groups like the Uyghurs. I’m not here to defend China. However, I’m also not a fan of sinophobic rhetoric that positions China as an economic, military, or political bogeyman simply to justify enhanced security. Moreover, although Vartanian is highly critical of the United States’ inaction on cybersecurity, he hasn’t quite extended that critical analysis to this idea that the US is a democracy or that it is “the greatest nation on Earth” (at least aspirationally, if not in practice). That is to say, I disagree with Vartanian’s implicit goal to preserve the US as the supreme superpower of the world. Still, I don’t think this hegemonic perspective is all that surprising given his background or even just the description of the book, so I think most readers who choose to pick up this title will either be more sympathetic to these views than me or will at least understand what to expect.
Beyond these differences in ideology, my criticism of the book is more about the structure and depth than style or substance. The middle part of the book is a lengthy history of the late twentieth and early twenty-first centuries through the lens of networking, finance, and cybersecurity. It’s useful, yes—I learned stuff I definitely didn’t know—but it’s also very drawn out and dry. I wonder if a more robust approach, with this timeline condensed into another appendix, might have made things more interesting.
On a similar note, Vartanian’s explanations for the internet’s physical infrastructure and cybersecurity in general tend to meander between levels of audience. Some of the explanations are so basic I think he’s talking to people with rudimentary understanding of what a computer is at best; other explanations are so high level that I struggle to understand them. My guess would be that the book wants to cater to a variety of audience levels of knowledge about networking. That’s fine in theory, but in practice it made the book feel very uneven for me.
So do I recommend the book? Sure. If you are interested in finances, cybersecurity, networking, etc., this is a thoughtful and very knowledgeable analysis. Vartanian knows what he’s talking about, is a confident writer, and delivers interesting arguments. Even when you disagree, you’re going to come away having learned a lot. Just don’t expect something revolutionary.