“Social Engineer” by Ian Sutherland

517edmpb0fl-_sy346_ This book has a lot going for it: secret agent vibe, engaging plotting style, and the feeling of a learner’s guide for real-world hacking infiltration.

Unfortunately, I cannot recommend it without some major caveats.

I’m a fan of Mission Impossible. The old, television Mission Impossible – the first few seasons where Jim Phelps (Peter Graves) or Dan Briggs (Steven Hill) headed up the team, and brilliant planning, synchronized timing, and exceptional team-work were more important than gadgets and explosions.

Social Engineer has that vibe. It introduces Brody Taylor, a white-hat “hacker” who specializes in running “penetration tests” – basically a simulation of a hacking attack to evaluate a company or group’s defenses and advise the leadership how to improve their precautions.

The technical aspects are well described for anyone who doesn’t have a computer technician for a father, though some of the tension over “black hat”/”white hat” hacking was unclear in the beginning. As a simplistic explanation: “black hat” hackers steal credit card numbers, personal information, and national secrets, etc. — “white hats” are paid by companies to help improve their own security, to help stop “black hats,” etc.

The narrative is a little untraditional, alternating chapters between the present and the recent past to explain motivations and reveal further details of events. This is handled well, and I thought it was overall well-paced.

Brody also has an “everyman” flavor. While inexplicably self-conscious of his profession, Brody gives the idea that anyone with good acting and basic tech skills can hack. His operations also emphasize what my dad has taught me: the weak link in cyber security is people (ex: a security feature that the end users won’t use doesn’t protect anyone).

I also liked Brody’s use of psychology to gain people’s trust and perform his work. Referencing Mission Impossible again, his business is pulling off bluffs and playing roles – not something dependent on expensive gadgets or super fight moves. It made the book an accessible, down-to-earth take on the “spy” business.

Now, I have to mention my cautions. These come in two categories.

First, language. This is a more minor issue for me, both because there’s not much of it and because I can gloss over a certain about of inappropriate words. It’s nothing more than you might encounter in a store or the break-room, but it stood out to me partly because my circle doesn’t talk that way, and also because the lion’s share of the “bad words” were uttered in an upper-tier corporate setting. I recognize that high corporate officials are as human as the rest of us, and some characters are more foul under stress than others, but the unprofessional language made me pause and consider it. As I said, there’s not much (certainly not one every page) but I mention it in the spirit of full disclosure.

Secondly, sex. This comes in two branches. A minor side-character is engaged in a homosexual relationship. This character – and the relationship – have no plot significance, which implies the author included it either 1) for the purposes of virtue-signalling (for inclusivity’s sake), or 2) because he personally knows people engaged in this behavior and was trying for verisimilitude. The narrative seems inconclusive which it is. Again, in the spirit of full disclosure, this aspect of the book is not important to the plot, nor (I thought) to the development of the main characters.

Finally, this is my biggest issue, and presents a genuine barrier to this interesting story. The main character has a girlfriend, and there is one brief scene of them, er, “intimate.” The scene is “explicit” rather than “graphic,” if that makes sense, but it definitely was not necessary and reduces the number of people I can recommend the book to. It was all the more disappointing since the author had proven in other passages that he could communicate just as much through subtlety and implication, making this spelled-out scene superfluous – and only tangentially useful for building up the characters and advancing the plot.

(Going back to Mission Impossible once more — Cinnamon Carter (Barbara Bain) kept her clothes on, people. Sure, some of the episodes had implications to the roof, but they abided by television regulations.)

I acknowledge that for some audiences this content is necessary in a self-proclaimed “thriller,” but for me (and those like me) it really detracted from the experience.

Sadly, the ending is…sad. It felt like it could be just the end of the first act, but it’s actually the conclusion to a baffling conflict.

The tag-line for Social Engineer is: “Whose side is he on?” Whose side is Brody on? At the beginning, we see one reasonable, laudable answer: his employer, and his profession. By the end, the plot-twists and engrossing revelations have muddied the waters.

The conflict really stems from this mysterious fear Brody has that he’ll be discriminated against for being a hacker, although I don’t consider “network security consultants” any different from regular security guards. The book tries to explain the role/cover Brody adopts in real life by hinting at international, “dark web” intrigue, but again, if Brody is fighting Russian “black hats” in his spare time, that makes him more like a Barney Collier (Greg Morris) than a credit card thief.

As two of Dorothy Sayers’ characters said:

“Why does he tell all those unnecessary lies?”

“But if he doesn’t, where’s my plot?”*

The plot concludes, but it’s telling about the author’s worldview that he chooses this depressing place to leave the characters, making them both come across as rather petty (especially since they’ve been jumping into bed without much formal prelude).

Social Engineer was an interesting read, illustrating what my computer-technician father had already taught me: The weak link of any digital security system is the human beings involved. If it weren’t for the serious worldview issues related above, I would willingly recommend this book to everyone. As it is, you could still enjoy this story, but don’t walk blindly into the issues I outlined above.

I’m sad that I don’t have the confidence of a shared worldview that the author won’t go someplace I can’t follow.

* Lord Peter Wimsey and Harriet Vane, in Gaudy Night.

Disclaimer: I received a free ebook copy of Social Engineer by joining the author’s mailing list. I was not required to write a review. Views expressed are totally my own.

This book is available on Amazon (here); the author’s official site is IanHSutherland.com.

Leave a Reply

Your email address will not be published. Required fields are marked *