The Cybersecurity Canon: Reamde

Jan 28, 2014
7 minutes
... views

cybersec canon red

For the past decade, I have had this notion that there must be a Cybersecurity Canon: a list of must-read books where the content is timeless, genuinely represents an aspect of the community that is true and precise and that, if not read, leaves a hole in cybersecurity professional’s education. I’ll be presenting on this topic at RSA 2014, and between now and then, I’d like to discuss a few of my early candidates for inclusion. I love a good argument, so feel free to let me know what you think.

Reamde (2011) by Neal Stephenson

I’ve already reviewed two Neal Stephenson works, Snow Crash and Cryptonomicon, for inclusion in the Canon. Here is a third: a high-octane, straight-up cyber thriller that elevates the genre in the process.

The novel has everything that a cyber thriller needs: Chinese hackers, Russian mafia, cyber crime, massively multiplayer online role-playing games (MMORPGs), hacking culture, and guns. It is classic Stephenson, and not quite as dense as some of his other works. While it is a wildly imaginative story, the details are real and correct. If you are a cybersecurity professional, you will not learn anything new here, but you will appreciate a ripping good story told within the boundaries of the cybersecurity community you know.

Stephenson centers on Richard Forthrast, the founder and owner of the Fortune 500 company that manages T’Rain, an MMORPG. He is a former drug smuggler who funneled his profits into a computer gaming company and turned T’Rain into the most popular computer game on the planet. Across the world, a group of young and talented Chinese hackers and T’Rain players devise an elaborate gold-farming ransom scheme. They create and distribute the Reamde virus, which essentially bricks the T’Rain gamer’s computer until the victim delivers a specified amount of virtual gold to a remote location in the T’Rain online world. The hackers collect the virtual gold and convert the gaming money into real money for profit.

Forthrast’s niece, and employee, inadvertently shares a sample of the Reamde virus with her boyfriend. The boyfriend dabbles in credit card fraud, and when the Reamde virus corrupts the computer network of his Russian mob contact—specifically the group’s pension fund, the obshchak—the Russians come looking for the perpetrator.

What follows is a mad dash around the world as the Russian hackers, with Forthrast’s niece in tow, try to get their money back from the Chinese hackers. They run into a separate collection of international terrorists operating out of the same abandoned Chinese building as the Chinese hackers and an MI6 agent tracking the terrorists. As the terrorists escape and evade the Russians, MI6, and the Chinese hackers, they end up in the backwoods of Canada, Forthrast’s backyard. There’s a lot of fun stuff going on here.

The story is similar in heft—almost one thousand pages—to two other Stephenson works: Cryptonomicon and The Baroque Cycle. But Reamde is a straight-up cyber thriller and Stephenson doesn’t spend a lot of time diverging from the main story as he did in those books.

Gold Farming

Gold farming has been a staple of MMORPGs from almost the beginning of online games. It’s a term used to describe MMORPG player behavior when the player’s intent is not to play the game as the designers intended. Instead, gold farmers gather as much virtual loot available within the game for the purpose of reselling that virtual loot to other players for real-world currency. Most MMORPGs have fully functioning economies and gold farmers take advantage of that. Entire businesses have popped up, especially in China, dedicated to that effort.

In Reamde, Stephenson takes that phenomenon to the next level. Most MMORPGs distribute loot randomly within the gaming world, but in T’Rain, naturally occurring gold deposits form around the game world similarly to how they form in the real world. Tom Bissell, writing for The New York Times, described it this way:

“Two things have assured T’Rain’s commercial success: actual geological laws have been programmed to govern its terrain (it is this feature from which the game’s name derives); and the game uses a currency system based on real money — treasure mined from the strata of T’Rain’s crust can be transformed into earthly coin.”

If you take a step back from that explanation, you realize that the T’Rain economy functions eerily similar to how the Bitcoin economy works. In both systems, the amount of treasure available in the world is finite and is worth only what the people within the economy are willing to pay for it. I could find no reference that confirms that connection between T’Rain and Bitcoin, but I do find it an interesting coincidence. Stephenson is adept at explaining how money systems work. Bitcoin launched in 2009, and Stephenson published Reamde in 2011. Even if the connection was unintentional, Stephenson had to be at least thinking about Bitcoin while he was writing the book.


Wardriving is the act of driving around town with a collection of remote networking gear and looking for unsecured WiFi routers. In Reamde, the Russian mafia needs to find the Chinese hacker hideout in China. They kidnap the good guys and whisk them away to Xiamen, China, so that the good guys can help them with the search. The good guys, under threat of death, search for the Chinese hackers by wardriving the streets of the city and frequenting the many Internet cafes, or wangbas, that most of the locals use for Internet access.

Lock Picking

Some of the good guys in our story are traditional white-hat hackers (hackers that exploit weaknesses in systems not to steal or to cause mischief but to understand how those systems work and perhaps to offer better ways to build those systems). One interesting cultural phenomena that emerged from this hacking culture is a fascination with locks and how to pick them. If you have ever attended DEFCON, you already know what I mean. There is usually a room dedicated to the lock-picking craft, and every time I have wandered in there in the last five years, the room is jammed with expert lock pickers showing wannabes how to get started. In Reamde, the good guys lock pick their way out of several situations, and Stephenson takes a moment to explain why these white-hat hackers might have that skill.


During the course of the story, the good guys who are working for the Russian mafia deposit the ransom of virtual gold into a remote area of T’Rain in the hopes that the Chinese hackers will unbrick their computers. A problem arises when the T’Rain community discovers the Reamde virus scheme. Many clans within the game stake out the route to the remote location in order to ambush the Reamde victims before they deposit their virtual gold.

In T’Rain, if you kill an adversary in the game, you collect his or her valuables. The Chinese hackers need to collect the ransom and walk it out of the remote area and into a T’Rain city where they can convert the virtual money into real money. With the clans blocking their path, this becomes problematic. What results is a massive clan battle between the Chinese Reamde clan and all of the other T’Rain clans in the game. Stephenson completely captures the complexity, stress, and strategy of directing hundreds of your own teammates that are maneuvering across a vast virtual terrain against thousands of hostiles whose intent is to prevent you from doing just that.


This novel has everything that a good hacker novel needs, right up through a bit about how to survive a zombie apocalypse. It is classic Stephenson without the denseness of Cryptonomicon and The Baroque Cycle, and it elevates the genre of the cybersecurity thriller above other entries in the field. While it is a wildly imaginative story, many of the details are real and correct and you’ll appreciate what a good time this is.

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.