Cybercrime Fair Tales
by Lewis Z. Koch

Cybercops and other purveyors of FUD - the fear, uncertainty and doubt that sell expensive but dubious computer security services - are the chief architects of a growing public hysteria about all things digital. In contrast, Richard Power's book, Tangled Web - Tales of Digital Crime from the Shadows of Cyberspace, is a voice of impressive logic and rational perspective - a no-nonsense trek through cyberspace without hyperbole, fear-mongering or undue conjecture.

To my surprise - and embarrassment - Power adds rich details, of which I was ignorant, to stories I had really dug into as an investigative reporter. So, despite his melodramatic subtitle Shadows of Cyberspace, the book offers an honest, firmly grounded perspective, with a perceptible tilt to the law-and-order view.

So, when he subtitles his three pages on Kevin Mitnick, "Public Enemy No. 1?" the question mark suggests Power hasn't bought into the hype surrounding the case.

The book's opening section is titled "Crime, War and Terror in the Information Age." Before jumping into juicy tales of hacker exploits, Power reflects on his uneasiness listening to speakers at a computer security conference about the psychological profiles of "hacker youths" and the alleged dangers they pose. "Certainly, juvenile hackers could wreak havoc and mayhem," he writes. "And yet, I asked myself, 'What's wrong with this picture?' "

His conclusion: "The stereotypical youthful hacker simply provided a convenient foil, a scapegoat, a placeholder for the professional criminals and foreign intelligence agents that would be conducting similar online break-ins. These digital hired guns would not be seeking the technological adventure; they would be seeking technological advantage."

But when Power gets around to the tale of 16-year-old Chris Schanot and his three-member cybergang, Internet Liberation Front, whose manifesto declared war on "Capitalist Pig Corporations," his treatment is evenhanded and complete. This is commendable, given Power's law-and-order slant, because Schanot lifted some credit-card numbers, messed up some NBC News e-mail and poked around in a wide-open Southwestern Bell system.

Serious Business

The book is remarkably balanced. Power clearly dislikes young criminals who use their skills for financial gain, yet he is equally critical, if not more so, of federal efforts to inoculate themselves from system and network vulnerabilities.

He cites a Government Accounting Office study conducted early this year in which there were "security lapses throughout the U.S. federal government, even in the most sensitive agencies." The GAO found flaws throughout the Department of Defense and Department of State, including:

Lack of a comprehensive information security plan.
Insufficient commitment by senior management to information security.
Lack of accountability in the State Department's decentralized organization.
Lack of risk analysis to determine appropriate controls.
Incomplete information security policies.
Inadequate efforts to heighten security awareness among users.
No regular calculations of controls to gauge effectiveness.

And whatever happened to those missing State Department laptops?

Power separates cyberscares from legitimate concerns. Many Internet fear mongers have propagated the notion that information warfare will be the next arms race, even that we pursue aggressive cyberwarfare tactics to dispatch enemies of the U.S., real or imagined.

But it wasn't an e-mail bomb that killed 17 sailors and wounded 39 on the USS Cole; it was a plain, old-fashioned suicide bombing - a tactic dating back to the 11th century Assassin movement in Persia and continuing through to the kamikaze attacks by Japanese pilots in World War II.

Another problem with information warfare is that it may violate existing rules of war. Power cites a Washington Post article contending that computer attacks, whether from an outside enemy or by the U.S. government, might well be war crimes because the victims are so often civilians. A cyberattack on a nation's electricity supply - or even a single city's grid - for example, might well fall into the war crimes category.

Government, Heal Thyself

Much of Tangled Web is devoted to the usual cybersuspects, but with a deft and subtle touch. It is not highly technical in language or subject matter, making cybercrime understandable to a broad audience.

One thing missing from the book, perhaps predictably, is any attempt to report about lawbreaking on the Internet by the U.S. government. It turns out that the GAO found that 13 government agencies were secretly tracking Web site visitors, despite orders prohibiting such intrusions on personal privacy by federal agencies. The USDA Forest Service was actually selling data to a private-sector company.

And, oh yes, the Federal Bureau of Investigation's Carnivore sniffing program is yet to be assessed.

I'm curious to see if the Department of Justice pursues federal lawbreakers with the intensity and ferocity it applied to chasing Mitnick.

Lewis Z. Koch has been an investigative reporter for over 30 years. He can be reached at lzkoch@attbi.com.
