Operation Desolation


Paul Baccas

Sophos, UK
Editor: Helen Martin


Paul Baccas reviews a short story by Windows systems internals expert and Microsoft Technical Fellow, Mark Russinovich: Operation Desolation.

Title: Operation Desolation: The Case of the Anonymous Bank Defacement

Author: Mark Russinovich

Publisher: Thomas Dunne Books

ASIN: B0080K37P2

This short story is set in Las Vegas at ‘CyberCon’, a conference hosted by a fictional security training and consulting company and sponsored by a major US Department of Defense contractor. We see the return of the hero of Russinovich's first novel, Zero Day, the cyber maven Jeff Aiken, with passing appearances from Daryl Haugen. In the story, Daryl has left her job at the National Security Agency and joined Jeff in a professional and personal partnership. The events take place in the two-year period between Zero Day and the author's latest novel, Trojan Horse.

The story attempts to tackle a number of newsworthy issues: the banking crisis, hacktivism and the Anonymous group. The issues are covered in rather broad brush strokes – and if we believe that the author has followed the tip ‘write about what you know’, one might conclude that he had been burned in the banking crisis.

A nice touch is that there is a teaser in this story for Trojan Horse, in that there is mention of the Android vulnerability that is crucial to its plot.

Operation Desolation is another dynamic and engaging story from Russinovich – once started, it is hard to put down.



Latest articles:

VB2019 paper: Domestic Kitten: an Iranian surveillance program

In a fundamental regime that is constantly wary of anything that might jeopardize its stability, and a region that is a hotbed of political conflicts and dissensions, it is not surprising to discover a large‑scale surveillance campaign that keeps an…

VB2019 paper: DNS on fire

Cisco Talos has identified malicious actors that have been targeting the DNS protocol successfully for the past several years. In this paper, researchers Warren Mercer & Paul Rascagnères present two of the threat actors they have been tracking.

Dexofuzzy: Android malware similarity clustering method using opcode sequence

This paper proposes the use of the ‘Dalvik EXecutable Opcode Fuzzy’ (‘Dexofuzzy’) hash to find similar malware variants without the need for an analyst to have systematic or mathematical knowledge.

VB2019 paper: We need to talk – opening a discussion about ethics in infosec

Several professionals defend the notion that technology and ethics have nothing to do with each other. This paper presents various schools of thought pertaining to the philosophy of justice, and explores how they could help us solve some of the…

VB2019 paper: Inside Magecart: the history behind the covert card-skimming assault on the e-Commerce industry

Magecart is an umbrella term given to at least 12 cybercrime groups that are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success. This paper presents a timeline of the Magecart…

Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.