Thursday, September 12, 2019

New Novel Explores: Can The United States Prevent A Deadly, Large-Scale Cyber-Attack?

 Virus Bomb: A Novel by [Scott, D. Greg]

What would happen if a nation-state really did launch a serious cyber-attack against the United States, perhaps as part of something larger?

Who will step up to save us – the government, big business, or maybe a team of superheroes? 

Or maybe a few ordinary people. Because real superheroes are ordinary people who step up when called. Even when they don’t want to. A new book explores what could happen when things go deadly wrong.

D. Greg Scott , with 40 years of IT experience under his belt, including 15 years building firewalls and handling cybersecurity for dozens of organizations and thousands of people, delivers a fascinating look at what our nation could experience in the near future – unless we take steps to avoid a cyber disaster – with his newest novel, Virus Bomb (Morgan James Publishing).

So much can go wrong today – hacked files, financial theft, identity fraud, data breaches, ransomware. And then there is the big stuff.

In his book for nail-biting adrenaline junkies, Scott dissects the technological details of an all-too-familiar cyberattack, and the all-too-familiar reaction from people who should know better. But this time, the country will pay dearly unless a few ordinary people step up. Scott hitches the imagination to a rocket as he launches the reader into the middle of a potentially devastating chain of events.

Virus Bomb ( hits home because the real world is plagued with daily data breach headlines,” asserts Scott. “And the public rarely learns the root cause behind these disasters. If we care about winning against the armies of attackers out there, we need to lift the fog around how these attacks unfold.”

Drawing on real news accounts and first-hand research, which included listening to hours of cockpit recordings, interviewing law enforcement professionals, studying historical events, and learning about the practice of the Muslim faith, Scott produced an authentic novel that will scare people every time they visit a shopping mall. He combines his deep tech knowledge with a flair for action to deliver a roller-coaster ride.

Virus Bomb draws in a diverse audience of aviation enthusiasts, medical professionals, leaders in business and government, law enforcement officials, penetration testers, and everyday people. Using decades of experience in the IT industry, Scott transports the reader to the brink of the largest cyber-attack in history, where the fate of thousands rests in the hands of “Jerry,” the IT guy.

Here is an interview with Scott, a client for the public relations firm that I work for:

1.      Greg, what inspired you to pen Virus Bomb? While writing Bullseye Breach, I saw a small story on a back page in the St. Paul Pioneer Press about somebody who committed suicide after the Target data breach. That drove home for me that the stakes for cyberattacks are higher than just money. We’re all interconnected these days and malicious online interactions really do contribute to people dying. And, so with Virus Bomb, I wanted to combine several elements. How and why does a teenager who grew up in the United States decide to join an overseas terrorist group? After the United States launched a software weapon against a hostile country, what happens when that country turns it back on us? At the grass roots, what happens when we purposely ignore the threats all around us because they come with technology words nobody understands? And in our interconnected world, how do ordinary people influence all this?

2.      Could the events in Virus Bomb really happen? Yes. Many events in Virus Bomb have already happened in the real world.

Consider the real-world cyberattack against the United States Office of Personnel Management (OPM) that made headlines in 2015. OPM allowed the Chinese to steal a roster and other information about every single US Government employee. OPM also allowed the Chinese to steal detailed information everyone who applied for a security clearance shared with the US Government. Imagine the spear phishing scams, blackmail, and other ways a hostile foreign power could exploit that information.

Or consider the real-world 2008-2009 cyberattack the United States and Israel deny launching against the Iranians to slow Iran’s nuclear ambitions. Iran has had 10 years to study that code and use it against us.

Think about manipulating high government officials or other influential people into doing something stupid. In the real world during the 2016 election cycle, former Whitehouse Chief to Staff, John Podesta fell for a phishing attack and gave away his email password to the Russians, and the Democrats allowed the Russians to steal their private emails.

Large-scale attacks are so common these days, they barely last one news cycle. Search for any Fortune 500 company name and “cyberattack” and the odds of finding a real-world attack story are better than even.

Readers will find plenty of excitement in Virus Bomb. But no Hollywood hackers. Nobody needs to suspend disbelief with this story.

3.      Is your book a warning to America that our present defenses against a deadly cyber-attack are woeful? Yes, but it’s more. A friend at Morgan James Publishing first presented these goals and I’m adopting them as my own. I also want to educate, inspire, and entertain people. And we need to pull our heads out the sand and take the kick me signs off our other sides.

4.      How did you go about researching the technical aspects of airplanes, law enforcement, the Muslim faith, and other central parts of your book? I spent lots of late nights reading and listening to lots of material and talking to lots of people. Jerry Barkley spent a couple hours in the air, but it took me months to get him safely on the ground. I mentioned some of it in my acknowledgements; I had to find a good airport for him to land, I had to dig through Cessna documentation to figure out those instruments, and in airports, I buttonholed everyone I could find in a uniform when I was traveling for my job to try and figure out how the radio worked. I poured time and homework into every element of Virus Bomb because I wanted to get it right. I read lots of Muslim history around what Christians did during the Crusades and even while Columbus was discovering the new world. The backstories behind many of Jerry Barkley’s interactions with the FBI are autobiographical. As are many of the cyber elements and characters. Virus Bomb is fiction, but I want it to be credible fiction.

5.      Tell us about the lead character, Jerry Barkley. Who is he? He’s a middle-aged, bald-headed white guy from Minnesota. He lives in a suburb with his wife of 30+ years, an adult daughter, and her two boys. He spent the first half of his career trying the climb the same corporate ladder as every other middle-aged suburban white guy. That didn’t work out well, and now he’s trying to get Barkly IT Services off the ground. He’s been trying to get Barkley IT Services off the ground for more than twenty years. Some call him stubborn. He likes to think of it as persistent. He respects authority, but only to a point. He has a quick wit, a keen mind, and never enough money. But even if he had unlimited money, splurging for Jerry Barkley means buying a new washing machine instead of fixing the old one again.

6.      Your book is both entertaining and thrilling – as well as a bit of a warning and prescriptive text.  Why are we fascinated with the big events that could destroy cities and kill millions? I don’t know – I’m just a bald guy from Minnesota. But when I look back to, say, the 1991 Gulf War, I spent money to bring cable TV into my house so I could watch live CNN coverage. I was busy at work during the 9/11 incident, but I spent every possible moment soaking up details and I still remember where I was and what I was doing. I also remember being glued to the news during the 2003 shock and awe campaign. I share the same fascination with big events, but I need to think more about why. It might be because I worry those events will turn my comfortable world upside-down.

7.      Your book seems to demonstrate how ordinary people step up and impact the world.  How can we encourage others to see themselves as being potential heroes? Real superheroes are ordinary people who step up, but many people want somebody else to step up. Virus Bomb has a character like that, and nothing and nobody will change her mind. How do we convince a skeptical business manager they’re an unwitting global catalyst for catastrophe?

In the real world, I used to play church-league, coed softball. I was never much of a softball player, and one time, a frustrated team coach tried to teach me about situational awareness. Know how many outs, where the baserunners are, the ball/strike count, and dozens of other factors. Always keep abreast of the game situation and how it affects me playing my position. This didn’t help my hitting, catching, or throwing, but hopefully helped me make smarter game decisions. This applies outside sports. They say when a bird lands on a power line in Canada, people in Mississippi feel it. In our interconnected world, somebody in North Korea can shut down a careless Fortune 500 movie studio with a few keystrokes. Or somebody in Ukraine can steal millions of credit card numbers from Minneapolis based Target Corp. by compromising an obsolete computer in an HVAC company in Pennsylvania.

We encourage others to see themselves as potential heroes by teaching global situational awareness. Start by reading Virus Bomb and Bullseye Breach.

8.      You say that the bad guys are good at collaborating and sharing secrets on how to hack the Internet’s vulnerable spots.  Don’t the good guys work together, too? Not as well as we should. Look no further than the recent Capital One incident as a possible Exhibit A. Although we suspect somebody used a web application firewall as a weapon in a server-side request forgery attack, the specific exploit the attacker used to penetrate that network is still not public. Equifax offers another example. It took a Congressional investigation to produce a report on what went wrong. Don’t believe me? Pick any Fortune 500 company at random, call the security department, and ask for details on how it protects itself. Good luck getting an answer.

9.      How can digital attacks on data get weaponized to the point terrorists can expose us to dangerous biological, chemical or traditional threats? Back in 2008, the United States and Israel officially did not collaborate to sabotage the programmable logic controllers (PLCs) that controlled the Iranian centrifuges they used to refine Uranium. Somebody – the United States and Israel deny they were involved – sabotaged the software in those PLCs to spin the centrifuges faster than their rated capacity. This destroyed lots of centrifuges. Experts estimated this set the program back buy two years. All it takes is for software to open or close the wrong valve at the wrong time and somebody could blow up a nuclear power plant. Or worse. Or beyond direct targets, an attacker could penetrate, say, the transport industry, find details about shipments of dangerous materials, and go after those.

10.  Do criminals and terrorists use the same tactics as nations do in the e-war battles fought online? Yes. The only difference is, nations have more people doing more of it.

11.  Should we trust Amazon, Google, Facebook and Microsoft to protect us? About as much as we should trust Bernie Madoff with our investments.

12.  What trends do you see formulating in IT and cyber-security? More consolidation into massive datacenters as everyone moves into the cloud. Tighter and tighter connectivity, with associated applications on top of that as we continue wiring the world with fiber. More sensational headlines about data breaches, more hysteria. But it will eventually improve as the technology and our attitudes mature, just like with earlier technology revolutions.

13.  Do we sometimes need fiction to present the truth to ourselves? Yes. We’ve been using fiction to present truth for thousands of years.

14.  Why do so many companies and government agencies proclaim they’ll do more to take cybersecurity threats seriously – and then huge data break-ins are discovered? Too many business and political leaders consider IT as an expense instead of an asset. Until that attitude changes, the empty proclamations will continue. Many busy executives pay lip service to cybersecurity, but delegate it all to the IT Department with the mandate to do more with less. When Home Depot lost 56 million customer credit card numbers back in 2014, the Home Depot execs summed it up best when they said, “We sell hammers.”  Other busy execs get paranoid. They spend lots of money for security theater with checklist audits from third party companies, but never educate themselves on the fundamentals behind those audits. Proclamations are easy. Practicing due diligence, investing, and making informed decisions is hard work. So is leadership. And industry and government need leadership to tackle this problem. Somebody needs to lead the way into adopting open.

The Book Marketing Strategies Of Best-Sellers

How Authors Can Sell More Books

No. 1 Book Publicity Resource: 2019 Toolkit For Authors -- FREE

How Authors Get Bulk Sales Now

Brian Feinblum’s insightful views, provocative opinions, and interesting ideas expressed in this terrific blog are his alone and not that of his employer or anyone else. You can – and should -- follow him on Twitter @theprexpert and email him at He feels much more important when discussed in the third-person. This is copyrighted by BookMarketingBuzzBlog ©2019. Born and raised in Brooklyn, he now resides in Westchester. His writings are often featured in The Writer and IBPA’s Independent.  This was named one of the best book marketing blogs by Book Baby and recognized by Feedspot in 2018 as one of the top book marketing blogs. Also named by as a "best resource.” He recently hosted a panel on book publicity for Book Expo America.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.