Book Review: "Gray Day"

"Gray Day: My Undercover Mission to Expose America's First Cyber Spy" by Eric O'Neill is an exceptionally well told and true story about counter espionage at the core of the FBI. "Gray Day" is focused on the final months and operations around catching Robert Hanssen, one of America's most notorious spies, considered the FBI's most damaging spy in US history. It's written and told by the guy who shared an office with Hanssen for several months in an unbelievable sting operation, Eric O'Neill. Hanssen's code name during the sting was GrayDay or GD, hence the title of this wild book. As much as the story involves some of the first use of forensics and digital media, it's a classic spy vs spy, HUMINT type of story. The book involves lots of handling, tailing targets, and dead drops, essentially tons of classic spying. I listened to "Gray Day" on Audible for about ~9hrs for ~$20. Ultimately, I give this 7 out of 10 stars, for being a first hand account of a true story, but also riveting, informative, and fun. I recommend this to hackers, intel analysts, and blue teamers. This book is soaked in tradecraft, naturally embedded in the story because it was so authentic. It's a great way to think about insider threats and consider ways to detect or catch them, something naturally very difficult. The story has also been made into a movie (Breach 2007), but the book is incredible because it's written by another spy who was in the room w/ Hanssen the whole time. Granted, the book is slightly embellished, but Eric calls this out at the end and I agree that everything he embellished was both small and made it a better story.  Below you can see the chapters of the book yourself:

Chapter 1: Tipping Points
Chapter 2: The Tyranny of Secrets
Chapter 3: Lay Down Your Sword
Chapter 4: Mousetrap
Chapter 5: The Weakest Link
Chapter 6: The Worst Possible Place
Chapter 7: Trust but Verify
Chapter 8: Diligence Is the Mother of Good Luck
Chapter 9: Truth Is a Splendid Wild Stallion
Chapter 10: Straight Lines
Chapter 11: Punch in the Mouth
Chapter 12: Open Your Eyes
Chapter 13: Jersey Walls and Airplanes
Chapter 14: The Art of Thievery
Chapter 15: A Flaw in the System
Chapter 16: Not a Bear
Chapter 17: In the Middle
Chapter 18: Making a Spy
Chapter 19: Have Faith
Chapter 20: Break the Routine
Chapter 21: Out on a Limb
Chapter 22: The Worst Offense is Defense
Chapter 23: Shenanigans
Chapter 24: Smoking Gun
Chapter 25: Understanding
Chapter 26: The Future Is Yesterday
Chapter 27: There Are No Hackers, Only Spies
Chapter 28: Up All Night

The book is fantastic, both filled with tradecraft because it was written by a spy and entertainingly well told. One of the reasons O'Neill calls this one of the first cyber spy cases is that he steals and forensically images Hanssen's PDA (personal digital assistant), or Palm Pilot device. This device ended up being the smoking gun in the Hanssen case, with his full schedule in it. This is an example of an offensive application of digital forensics, which is one of my favorite applications of forensics! Hanssen was also one of the first spies to steal and transfer electronic documents. The book has many segues into cyber security, taking time to talk about many modern and famous intrusions, as well as modern intrusion detection software. The author talks about the repercussions from the Vault 7 leak and destructive attacks against Ukraine. At the end the author claims every hacker is a spy in the modern era, essentially that cyberspace is the new frontier of espionage. While I don't necessarily agree with all of this, it's hard to argue that the frontier of espionage has not shifted into a digital domain. O'Neill also uses a lot of social engineering in the book, or lying while undercover with Hanssen to manipulate Hanssen. Keeping cover like that must also be very hard; you can see how compartmentalizing his life to protect his operation was also very damaging to Eric's relationships at home. Overall, it's a very engaging, insightful, and well-told story of espionage. Definitely not one to miss if you enjoy these spy stories or even stories of early hacking and forensics.