In this post I review The Dark Visitor (TDV) by Scott J. Henderson, owner of the blog of the same name -- The Dark Visitor. Scott generously sent me a copy of his book after I found his blog and learned what the book discussed. The term "dark visitor" is Henderson's translation of the Chinese characters for "hacker".
TDV is a fascinating book, and if I could have reviewed it at Amazon.com I would have rated it 4 out of 5 stars. TDV is the only book I have found devoted exclusively to the Chinese underground. Once in a while I write about China in my blog, but Mr. Henderson's knowledge of the Chinese scene is amazing. What is more remarkable is his comment that all the information one needs to understand Chinese hackers is simply out in the open! The language barrier and cultural differences are probably the most significant challenges for Westerners trying to understand Chinese hackers.
TDV focuses on culture, history, and personalities. Many Chinese hackers are driven by intense patriotism and nationalism. They feel compelled to "defend" their homeland by attacking others, initially foreign sites but increasingly their own countrymen. Chapter four addresses the questions my blog readers are most likely to ask, namely the relationship between Chinese hackers and the Chinese government. Mr. Henderson believes Chinese hackers operate independently but some elements are likely to cooperate with those who perform espionage. Mr. Henderson makes the interesting point that Chinese military doctrine considers civilians to be an element of national power, so working with independent hacker groups to achieve national security and economic goals should not be surprising.
If that seems unremarkable, contrast those points with the American scene. American hackers are not revered as patriots. The intelligence and national security apparatus does not conduct an active and fruitful dialogue with the underground. The American government does not use hackers to advance political goals.
I gave the book four stars because it could use some work. It is self-published and needs the review of a professional editor. There are exceptionally few typos but an editor could improve the overall text considerably. Also, the book abruptly ends without warning. I think there is plenty of new material the author could include in a second edition, which I would eagerly read.
There are unfortunately very few books on real threats, i.e. parties with the capabilities and intentions to exploit vulnerabilities in assets. I would love to see books like this on the Russian and eastern European scene, and perhaps one on the Brazilian underground. I strongly suggest buying and reading TDV if you are trying to understand Chinese hackers. You should also subscribe to Mr. Henderson's The Dark Visitor blog.