Book Review: "Crack99"

"CRACK99: The Takedown of a $100 Million Chinese Software Pirate" by David Locke Hall, is the thrilling and true story of a non-technical investigator tracking down and prosecuting a software pirate in foreign country. Dave was an intelligence officer for the US Navy and worked with Homeland Security under the aim of bringing down a massive software piracy site they came across. The book was cheap at ~$13, for 320 pages (10hrs and 43 minutes of audio). I listened to it on Audible and it was great, nerdy listening.  Overall I give it 6 out of 10 stars because I think it's an excellent story but not as technically satisfying as compared to books like Kingpin or Ghost in The Wire. Palo Alto Networks also suggests the book, but dosn't put it in their cybersecurity canon for similar reasons, lacking that hacker spin in regards to the forensic and enforcement work. None the less, it's excellent piece on intelligence and investigations work. I recommend it to those interested in a higher-level cyber security book or even cyber crime books. At the time, the event received major press, but I'm still really glad David went through with the book because it emphasizes the effort put in to catch Xiang Li and what a moonshot their success was in many ways. The following is chapter listing:

Introduction
Chapter 1: Perfect Sure
Chapter 2: Fast Food
Chapter 3: Discordant Note
Chapter 4: Hacker, Cracker, Satellite Tracker
Chapter 5: That Giant Sucking Sound
Chapter 6: The Last War
Chapter 7: The Next War
Chapter 8: Onward Through The Fog
Chapter 9: Pleasant Surprises
Chapter 10: Unpleasant Surprises
Chapter 11: Dead or Alive
Chapter 12: The Americans
Chapter 13: Slaying The Dragon
Acknowledgments
Notes

It's a story about extreme digital piracy, with over 2,000 programs being pirated and many are high end engineering applications, with a net estimated total of of more than $100,000,000. I also encourage readers to check out the indictment, it's pretty great. I really enjoyed the chapters where they uncovered how Xiang Li was able to bypass the software DRM controls. Later, through the interviews with Xiang Li you can tell he was pretty cooperative, which allowed for investigators to continue chasing down his cracked software suppliers. There are even some clips of Xiang Li talking about some his trafficking techniques. It was really cool seeing how they put together the stings to get solid evidence on the supplying pirates, eating their way up the chain. Techniques such as paying using wire transfers, for physical items, where they knew the seller didn't have the rights to sell the software, having items shipped to the US, and meeting the perp in a friendly location, all builds for a solid case. And it paid off, as Xiang Li, the software pirate from China, saw court in the US. One should also note, that some customers of the site were found guilty in court as well. I encourage you to check it out, you can read a sample here to get a feel for the writing style. It's a good read, especially for introducing laymen or new people to some of the ways the cyber crime underground operates.