// Comparison

@War vs The Hacker and the State: Which Should You Read?

Two cybersecurity books on Geopolitics, compared honestly: who each is for, what each does best, and which to read first.

Beginner

4/52014

@War

The Rise of the Military-Internet Complex

Shane Harris

Shane Harris on the entanglement of US military doctrine, the intelligence community, and private contractors after cyberspace was declared the fifth warfighting domain.

Beginner

5/52020

The Hacker and the State

Cyber Attacks and the New Normal of Geopolitics

Ben Buchanan

Ben Buchanan's argument that state-on-state cyber operations are not deterrence-shaped (like nuclear) but signaling-shaped: countries use cyber to shape the environment, not to threaten escalation. Builds the case from declassified incidents.

Read this if

Anyone interested in the contractor and policy economy that surrounds US offensive cyber. Harris reports the institutions (NSA, CYBERCOM, the contractor ecosystem) and how their tensions shape strategy. Strong companion to Dark Territory.

Anyone trying to think clearly about state-sponsored cyber: policy staff, threat-intel analysts, journalists, and security leaders who have to brief on "the cyber threat" without resorting to vendor decks. The single best academic-grade synthesis of the last twenty years of state cyber operations.

Skip this if

Practitioners wanting technical detail on operations. Harris is reporting institutional politics, not implementation; the book is for readers who care about how decisions get made, not how shells get popped.

Readers wanting forensic detail on specific operations. Buchanan synthesizes; for the procedural blow-by-blow on Stuxnet, NotPetya, or the SolarWinds incident, go to Zetter, Greenberg, and the post-incident reports respectively.

Key takeaways

The Military-Internet Complex is real, profitable, and largely opaque to oversight; Harris names the contractors and traces the dollar flows.
CYBERCOM's establishment was less doctrine than Pentagon turf consolidation; the book documents the bureaucratic battles candidly.
Defense and offense are organisationally entangled inside the US government; the conflicts of interest the book describes have only sharpened since publication.

Cyber is poorly modeled by deterrence theory: states use it constantly, below the threshold of war, to shape the environment rather than to threaten escalation.
The signaling/shaping distinction (espionage, sabotage, destabilization, election interference) is the right taxonomy for analyzing modern campaigns and is the book's most reused contribution.
Attribution and accountability remain genuinely hard, and that asymmetry is itself a structural feature of cyber statecraft, not a temporary condition awaiting better tools.

How they compare

We rate The Hacker and the State higher (5/5 against 4/5 for @War). For most readers, that means The Hacker and the State is the primary pick and @War is a useful follow-up.

Both books target beginner-level readers, so the choice is about topic, not difficulty.

@War and The Hacker and the State both cover Geopolitics, Narrative, so reading them in sequence reinforces the same material from different angles.

Keep reading