Spies Among Us and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $30.00
  • Save: $9.57 (32%)
FREE Shipping on orders over $35.
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Add to Cart
FREE Shipping on orders over $35.
Used: Good | Details
Sold by apex_media
Condition: Used: Good
Comment: Ships direct from Amazon! Qualifies for Prime Shipping and FREE standard shipping for orders over $25. Overnight and 2 day shipping available!
Access codes and supplements are not guaranteed with used items.
Add to Cart
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day Hardcover – April 8, 2005

ISBN-13: 978-0764584688 ISBN-10: 0764584685 Edition: 1st

Buy New
Price: $20.43
42 New from $1.99 44 Used from $0.65 4 Collectible from $17.50
Amazon Price New from Used from
Kindle
"Please retry"
Hardcover
"Please retry"
$20.43
$1.99 $0.65
Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Frequently Bought Together

Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day + The Art of Deception: Controlling the Human Element of Security + The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
Price for all three: $42.59

Buy the selected items together

If you buy a new print edition of this book (or purchased one in the past), you can buy the Kindle edition for only $2.99 (Save 81%). Print edition purchase must be sold by Amazon. Learn more.


Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Hardcover: 346 pages
  • Publisher: Wiley; 1 edition (April 8, 2005)
  • Language: English
  • ISBN-10: 0764584685
  • ISBN-13: 978-0764584688
  • Product Dimensions: 9.2 x 6.3 x 1.1 inches
  • Shipping Weight: 1.2 pounds (View shipping rates and policies)
  • Average Customer Review: 4.2 out of 5 stars  See all reviews (22 customer reviews)
  • Amazon Best Sellers Rank: #772,394 in Books (See Top 100 in Books)

Editorial Reviews

From Publishers Weekly

Those who are already paranoid about information theft, both personal and professional, should take a muscle relaxant before reading this eye-opening survey of the many holes that exist in our security and intelligence systems. Author Winkler (Corporate Espionage) began his career at the National Security Agency, and his exploits in the private sector, testing security systems by breaking into banks and high-profile companies, have earned him a place in the Information Systems Security Association Hall of Fame. Winkler's background not only lends his book an authoritative voice, but embellishes his nuts-and-bolts material with rich references to intriguing cases in which he's been involved. The book kicks off provocatively, explaining why James Bond and Sydney Bristow from the TV show Alias "suck as spies" and detailing what spies at various levels actually do. He then goes on to explain how spies and/or "their friends" (i.e., hackers, identity thieves, spammers, etc.) can get at an organization. Although the book will interest security professionals more than consumers, there's some choice bits here for readers captivated by cloak-and-dagger endeavors. Winkler's chapter on "How to Be a Spy" shines as a concise tutorial on how genuine spooks operate, and his case studies, which make up the middle of the book, fascinate as examples of how easy it can be to compromise the security systems of high visibility companies-even post 9/11. Overall, this is a thorough, at times absorbing, cautionary tale for any company or person who subscribes to the Boy Scout motto: Be prepared.
Copyright © Reed Business Information, a division of Reed Elsevier Inc. All rights reserved.

Review

Required reading by counterintelligence warrant officers in training at the U.S. Army Intelligence Center, Spies Among Us is a primer into the basic principles of intelligence operations. Indeed, Ira Winkler notes that spies, terrorists, hackers, and criminals all use the same basic techniques to collect information on their targets.
Mr. Winkler is a former undercover security analyst with the National Security Agency, who now works with governments and major corporations to help them uncover potential security breaches. He states in the introduction to Spies Among Us that there seems to be a fascination with spectacular acts committed by terrorists, foreign intelligence operatives, and computer hacking geniuses. Against such threats, corporations and individuals are tempted to feel powerless. Such acts, though potentially devastating, are quite rare and only affect relatively small numbers of people and businesses. Conversely, natural disasters, accidents, and criminal acts, though not as spectacular, are much more common and affect many more people. In Spies Among Us, Mr. Winkler seeks to empower his readers with simple countermeasures that can mitigate the common threats we all face. He further adds that such prudence also helps protect against attacks from the terrorists, spies, and computer geniuses.
Spies Among Us is divided into three parts. Part I discusses the fundamental concepts of the intelligence process, espionage, and crime. Part II explores the details of some notable penetration tests conducted by Mr. Winkler and his colleagues as well as some real-world cases of high- level crime and espionage. Finally, Part III describes the simple countermeasures that can be used to reduce both individual and corporate vulnerabilities to various threats.
In Part I, Mr. Winkler defines risk, threat, vulnerability, counter-measures, value, and their interrelationship. He further explains how to determine the value of assets and how to evaluate various threats against those assets. Of particular interest to BECCA members, Mr. Winkler thoroughly describes the corporate espionage threats that U.S. corporations face. He lists the major countries that successfully use their state intelligence agencies to target U.S. corporations. Among those countries are two U.S. allies identified by the CIA as conducting espionage against U.S. companies: France and Israel. Furthermore, Mr. Winkler describes how each nation targets U.S. corporations both at home and abroad. He states that the U.S. government is quite different than that of most other industrialized nations in that it generally does not collect intelligence on behalf of its corporations. Contrast this with the statement of Pierre Marion, the former head of the French foreign intelligence agency who has stated, "There is no such thing as an economic ally." Among other countries, the U.S. government is considered "naïve" in its view of international corporate espionage.
In addition to foreign intelligence threats, Part II of Spies Among Us explains how corporate information leaks can be caused or exploited by insiders (employees), petty crime, suppliers, customers, and competitors. In regards to employees, the author draws an amazing parallel between the profile of an extremely hard- working employee and that of a spy. They both show interest in what their coworkers are doing, they volunteer For extra work, they work late, and they rarely take vacations. Attackers Target vulnerabilities of corporations and individuals. Mr. Winkler defines Vulnerabilities in four categories: operational, physical, personnel, and technical. Under operational vulnerabilities, he addresses security awareness and makes a notable statement, that "there is no common sense without common knowledge," emphasizing the importance of security awareness training for everyone.
In Part II, not only does the author describe various successful attacks Against major corporations, he also describes the vulnerabilities which facilitated or allowed these attacks.
In Part III, Mr. Winkler explains simple countermeasures to address these vulnerabilities and similar vulnerabilities of individuals. He defines these countermeasures in the same categories that he used for vulnerabilities. However, he makes the interesting observation that the categories do not necessarily correlate. For instance, he states that poor security awareness is an operational vulnerability. However, an effective countermeasure for poor awareness is a technical countermeasure such as token-based authentication which thwarts social engineering attacks designed to obtain passwords from users. In the final chapter, Mr. Winkler provides practical suggestions for implementing and testing countermeasures and incident response procedures. He includes sound advice on how to garner support from management and compliance from employees. He states that an effective security awareness program could result in "thousands of people detecting security problems, not just the two people in a typical security department."
As a military intelligence professional, I found Spies Among Us to be a fascinating and enlightening read. As only someone who has great understanding can, Mr. Winkler greatly simplifies the intelligence process and provides interesting insights into recent events. He also writes from the vantage point of an insider. The security countermeasures he recommends are practical and feasible for both organizations and individuals to implement. As someone who sees the need for professional reading but who does not normally enjoy such activity, I found this book to be refreshingly enjoyable to read. I highly recommend Spies Among Us to anyone working in the security or intelligence field. I also highly recommend it to anyone else who has ever felt vulnerable or who just wants to peer into the hidden world of espionage and crime that is always among us.
"Spies Among Us reads like a Robert Ludlum novel, [and] it’s riveting because it’s all true. If you’ve got a social security number, you need to read this book whether you’re a CEO or a grandmother. Winkler reveals the top threats to our personal and national security, with lots of straight-forward advice on how to protect yourself."
–Soledad O'Brien, CNN

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

I was very impressed with his style of writing and the material he covers.
T. M. Urquhart Jr.
A most dangerous threat that will force you to give up an information is MICE (Money Ideology Coercion Ego).
Boris
This book has really opened my eyes to issue I never thought of in Information Security.
Senrats

Most Helpful Customer Reviews

46 of 51 people found the following review helpful By James J. Lippard on November 27, 2005
Format: Hardcover
Spies Among Us is in many ways similar to Winkler's previous book, Corporate Espionage. It describes threats and vulnerabilities, gives case studies of attacks and penetrations (some malicious by miscreants, some as part of his own testing), and offers countermeasures and lessons learned.

The book is divided into three parts--Part I is on "Espionage Concepts," which describes the intelligence process, forms of information, risk equations, how security's components are confidentiality, integrity, and availability, how to measure asset values, and so on. Part II is "Case Studies" and is the most interesting and original portion of the book. Part III is "Stopping the Spies," about specific vulnerabilities and countermeasures.

As in the previous book, Winkler's advice is sound and the case studies are interesting. Unfortunately, much of the book duplicates the prior book and other books in the field, which is part of why it took me three months to get through this book--I got hung up in Part III, which was mostly old hat.

What I found most disappointing about the book beyond its lack of novelty were two features: first, that there were frequent errors and omissions which seemed a display of either lack of research or carelessness; second, that Winkler takes many opportunities to tell the reader that he's involved in important things, but without showing the evidence for it.

Examples of the first include not only simple things like typos that should have been caught by the editor (p. xv "phased" for "fazed", p. xvi "over" for "cover"), but factual errors. On p. 55 he writes of the 1996 blackout of "nine states of the Pacific Northwest." There aren't nine Pacific Northwest states, and there were two Western U.S.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
8 of 8 people found the following review helpful By Dr. G. Hinson on December 9, 2005
Format: Hardcover Verified Purchase
Read this book to appreciate what is (or should be) keeping your Information Security Manager awake at nights, and to understand what he/she probably wants (or ought) to do about it.

Ira learnt his trade working for the US National Security Agency. His spooky background provides a somewhat disturbing undercurrent throughout the book but this is neither a James Bond training manual nor a shock horror exposé of the murky world of spies. It is in fact a very broad exposition highlighting the urgent need for all organizations to implement suitable information security controls.

Chapter five "How the spies really get you" should be compulsory reading for all managers. In less than fifty pages, Ira explains how virtually anyone in or associated with the average organization may represent a vulnerability, some more than others. I challenge any experienced manager to read this chapter without thinking about probable weaknesses in their own organization, perhaps even in their own departments.

If chapter five piques your interest, I guarantee you will enjoy the rest of the book. The previous four chapters set the scene, explaining that information security is far more than simply a matter of implementing system/network access controls. The next six chapters (part II of the book) present compelling case studies built (we are told) around genuine real-world situations. Ira is known for describing attack methods quite explicitly, meaning that having read the case studies, you will be in a similar position to those who actually committed these attacks. Each case concludes with a description of the vulnerabilities exploited.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
6 of 6 people found the following review helpful By Thomas Duff HALL OF FAMETOP 500 REVIEWERVINE VOICE on July 17, 2005
Format: Hardcover
So just how safe are you and your company/organization? My guess is, not very. Spies Among Us by Ira Winkler will definitely drive home that fact...

Contents:

Part 1 - Espionage Concepts: How To Be A Spy; Why You Can Never Be Secure; Death By 1000 Cuts; Spies And Their Friends; How The Spies Really Get You

Part 2 - Case Studies: Spy vs. Spy; Nuclear Meltdown; Fill'er Up!; The Entrepreneur; The Criminal Face Of The Internet Age; Crimes Against Individuals

Part 3 - Stopping The Spies: Taking Control; Taking Action; Index

Winkler is someone who does "attacks" for a living. He routinely is hired by companies to do threat assessment on their systems and locations, and unfortunately he is often successful with far too little effort. These assessments could be just a simulated attack to gain access to secured locations and systems that could then be compromised, clear up to security of nuclear facility information and terrorist attacks on fueling facilities at airports. It's that last one that is scary, in that it was done in a post-9/11 environment, and went off without a hitch. We're just not in the "security mindset" in most cases.

But rather than just go on about how easy it is to hack and crack systems, he also offers plenty of advice on how best to build a security program that is effective (both from a cost and result perspective). Each of the case studies ends with a summary that shows how something like this could happen, as well as what vulnerabilities were found and exploited. That piece by itself would be worth the cost of the book. But the final two chapters are where you'll benefit most.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Customer Images

Most Recent Customer Reviews

Search

What Other Items Do Customers Buy After Viewing This Item?