The Hacker and the State
Cyber Attacks and the New Normal of Geopolitics
Ben Buchanan's argument that state-on-state cyber operations are not deterrence-shaped (like nuclear) but signaling-shaped: countries use cyber to shape the environment, not to threaten escalation. Builds the case from declassified incidents.
As an Amazon Associate we earn from qualifying purchases. The link above is sponsored.
- Authors
- Ben Buchanan
- Published
- 2020
- Publisher
- Harvard University Press
- Pages
- 432
- Language
- English
Read this if
Anyone trying to think clearly about state-sponsored cyber: policy staff, threat-intel analysts, journalists, and security leaders who have to brief on "the cyber threat" without resorting to vendor decks. The single best academic-grade synthesis of the last twenty years of state cyber operations.
Skip this if
Readers wanting forensic detail on specific operations. Buchanan synthesizes; for the procedural blow-by-blow on Stuxnet, NotPetya, or the SolarWinds incident, go to Zetter, Greenberg, and the post-incident reports respectively.
Key takeaways
- Cyber is poorly modeled by deterrence theory: states use it constantly, below the threshold of war, to shape the environment rather than to threaten escalation.
- The signaling/shaping distinction (espionage, sabotage, destabilization, election interference) is the right taxonomy for analyzing modern campaigns and is the book's most reused contribution.
- Attribution and accountability remain genuinely hard, and that asymmetry is itself a structural feature of cyber statecraft, not a temporary condition awaiting better tools.
Notes
Pair with Sandworm (Greenberg) and Countdown to Zero Day (Zetter) for the operational ground truth Buchanan abstracts from, and with Dark Territory (Kaplan) for the US institutional history. Buchanan's earlier The Cybersecurity Dilemma is the academic prequel; this book is the public-facing follow-up. Required reading for anyone briefing leadership on geopolitical cyber risk.
What to read before
What to read before The Hacker and the State →Beginner · 2019
Sandworm
Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.
Beginner · 2014
@War
Shane Harris on the entanglement of US military doctrine, the intelligence community, and private contractors after cyberspace was declared the fifth warfighting domain.
Beginner · 2023
A Hacker's Mind
Bruce Schneier extends the security-engineering frame of "hacking" to law, finance, politics, and tax: every rule-based system has exploitable seams, and the wealthy and powerful exploit them constantly.
What to read next
What to read after The Hacker and the State →Beginner · 2019
Sandworm
Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.
Beginner · 2014
@War
Shane Harris on the entanglement of US military doctrine, the intelligence community, and private contractors after cyberspace was declared the fifth warfighting domain.
Beginner · 2023
A Hacker's Mind
Bruce Schneier extends the security-engineering frame of "hacking" to law, finance, politics, and tax: every rule-based system has exploitable seams, and the wealthy and powerful exploit them constantly.
Explore similar books
Alternatives to The Hacker and the State →Beginner · 2019
Sandworm
Long-form journalism on the GRU's hacking operations, the best non-technical book on what state-level cyber actually looks like.
Beginner · 2023
A Hacker's Mind
Bruce Schneier extends the security-engineering frame of "hacking" to law, finance, politics, and tax: every rule-based system has exploitable seams, and the wealthy and powerful exploit them constantly.
Beginner · 2021
This Is How They Tell Me the World Ends
Nicole Perlroth's reporting on the global zero-day market: how exploits get bought, by whom, and how the gray-then-black market shapes which vulnerabilities get fixed and which get hoarded.