Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners [NOOK Book]

Overview

Cyber Warfare explores the battlefields, participants and the tools and techniques used during today's digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors-our...
See more details below
Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$39.95
BN.com price

Overview

Cyber Warfare explores the battlefields, participants and the tools and techniques used during today's digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors-our defenses must be ready all the time and our alert systems must detect the threats every time.


  • Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks

  • Dives deeply into relevant technical and factual information from an insider's point of view

  • Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result
Read More Show Less

Editorial Reviews

From the Publisher

"Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines to the front lines with frequent stops in underground communities, legislative halls and anywhere hackers (ethical or otherwise) are in high demand. This book serves as a report on the current cyber state of affairs on a global scale, as a career guide to those looking to enter this burgeoning field, and, most importantly, as a reference on protecting assets that are unmistakably in the field of battle...whether intended or not."--Donald C. Donzal, Editor-In-Chief, The Ethical Hacker Network

"A fifth domain of war has been added to land, air, sea and space: cyber. Malware capable of taking a nuclear program offline was science fiction 5 years ago: Stuxnet demonstrates that information security is now a matter of national security. This timely and necessary book provides an assessment of the current state of cyber warfare, and more importantly, where the conflict is heading. Highly recommended for information security professionals."--Eric Conrad, Lead Author, CISSP Study Guide, President, Backshore Communications

Read More Show Less

Product Details

  • ISBN-13: 9781597496384
  • Publisher: Elsevier Science
  • Publication date: 7/13/2011
  • Sold by: Barnes & Noble
  • Format: eBook
  • Pages: 320
  • File size: 4 MB

Meet the Author

Jason Andress (ISSAP, CISSP, GPEN, CEH) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Steve Winterfeld (CISSP, PMP, SANS GSEC, Six Sigma) has a strong technical and leadership background in Cybersecurity, Military Intelligence, Certification & Accreditation (C&A), Simulations and Project Management.

Read More Show Less

Read an Excerpt

Cyber Warfare

Techniques, Tactics and Tools for Security Practitioners
By Jason Andress Steve Winterfeld

Syngress

Copyright © 2011 Elsevier, Inc.
All right reserved.

ISBN: 978-1-59749-638-4


Chapter One

What is Cyber Warfare?

INFORMATION IN THIS CHAPTER

• What is Cyber Warfare?

• Have We Seen a Cyber War?

• Why Cyber Warfare is Important

We are constantly bombarded with news about Internet events today. Cyber crime is up. Computer users need to watch out for the latest phishing attack trying to steal our identity, update our anti-virus to avoid infection, patch the operating system to avoid a hacker taking control, new zero day attack against smart phones, Facebook privacy compromised, someone took down Twitter, and now we are hearing about Cyber War.

This book will help you understand what cyber warfare is, how it can impact your life or business on a personal level, and explore the national aspect from both the policy and practical levels. It will take you from the strategic through to the tactical level explaining the people, methods, virtual battlefield framework, tools, trends, impacts, and way ahead.

WHAT IS CYBER WARFARE?

We have been reading about cyber acts of aggression for years now. Cliff Stoll first published The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage in 1989 about Soviet Bloc countries breaking into Department of Defense (DoD) sponsored networks. Seven years later we see a very similar storyline from both sides of the hack in Take-Down: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It by Tsutomu Shimomura and John Markoff with its opposing view in the book The Fugitive Game: Online with Kevin Mitnick by Jonathan Littman. Today we see a host of books on crime, hacking, defensive practices, and certification prep guides not to mention cyber plots in fiction books like The Blue Nowhere by Jeffrey Deaver, Debt of Honor by Tom Clancy, or The Scorpion's Gate by Richard A. Clarke.

We also see touches of cyber warfare in the movies starting with War Games in 1983 where a kid breaks into a military network and accidently almost starts World War III to Sneakers in 1992 where all data encryption is compromised to Swordfish where intelligence agencies use hacking to support their activities to the epic Die Hard 4: Live Free or Die Hard in 2007 when criminals pose as terrorists and take down the Internet and all the critical infrastructure it supports. There are a lot of great books and movies not mentioned but this sample list points to the evolution of Cyber Warfare into mainstream thinking and how it can be used as a tool to conduct espionage, crime, terror, and warfare.

America's information dominance tools, which helped win the Cold War, have become its Achilles heel of the cyber conflict we are in today. Our technology was far ahead of any competitor nation and we outspent them to keep the edge. Today we are more dependent on this technology than ever before, most of which is now available to our partners, competitors, and adversaries. At the same time the cost of entry into this arms race is incredibly low. Furthermore the benefits of attacking someone far outweighs the dangers. This has led to what many are calling a Cyber War.

Definition for Cyber Warfare

A definition of Cyber Warfare is not easy. In fact definitions for Cyber or Warfare are both under debate. We will start with a simple definition of Cyber or Cyberspace. For the purpose of this chapter we will frame the definition in the context of military environment.

The DoD defines cyberspace as the notional environment in which digitized information is communicated over computer networks (Figure 1.1).

The National Military Strategy for Cyberspace Operations defines cyberspace as the domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures.

The DoD (Joint Publication 3.0 Joint Operations 17 September 2006 Incorporating Change 2, 22 March 2010) defines cyberspace as a global domain within the information environment. It consists of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Within cyberspace, electronics, and the electromagnetic spectrum are used to store, modify, and exchange data via networked systems. Cyberspace operations employ cyberspace capabilities primarily to achieve objectives in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid.

United Nations (UN) defines cyber as "the global system of systems of Internetted computers, communications infrastructures, online conferencing entities, databases and information utilities generally known as the Net." This mostly means the Internet; but the term may also be used to refer to the specific, bounded electronic information environment of a corporation or of a military, government, or other organization.

For a definition of warfare we cannot turn to an authoritative source. The UN does not have a definition, so we will default to the two historical standards for military doctrine: On War, the exhaustive work documenting tactics during the Napoleonic War period in 1873 and The Art of War a more condensed version of how to conduct warfare composed in sixth century BC.

ON WAR – We shall not enter into any of the abstruse definitions of war used by publicists. We shall keep to the element of the thing itself, to a duel. War is nothing but a duel on an extensive scale. If we would conceive as a unit the countless number of duels which make up a war, we shall do so best by supposing to ourselves two wrestlers. Each strives by physical force to compel the other to submit to his will: his first object is to throw his adversary, and thus to render him incapable of further resistance. War therefore is an act of violence to compel our opponent to fulfill our will.

ART OF WAR – The art of war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected. The art of war, then, is governed by five constant factors, to be taken into account in one's deliberations, when seeking to determine the conditions obtaining in the field. These are: (1) The Moral Law; (2) Heaven; (3) Earth; (4) The Commander; (5) Method and discipline.

Are these definitions applicable to what is happening on the Internet today? Can these historical concepts be applied to the virtual world? Is the military perspective the right one to look at this problem through? The answer is a declarative: YES. That is why we felt this book was needed. First there is no governing body to determine what definition we should use, so the definition is normally based on the perspective of the person speaking. Governments, finance companies, Internet providers, international corporations, organizations with a specific cause, and lawyers would all give us a different answer. As for historical concepts, there are many that are based on geography which no longer apply, but most principles and practices can be modified to be useful when it comes to the new World Wide Web's Wild West. Finally, we think if we are going to use the term warfare we should use the military perspective but throughout this book we will take the time to explore the other options because our systems are connected to the same battlefield on which the nation states are fighting!

Tactical and Operational Reasons for Cyber War

The motivations are as old as time. Whether individuals or nations, it comes down to power/greed versus protection of self/country. Traditionally it was about controlling limited resources but today the power of a network is not determined by resources but the number of nodes on it which equates to the power of information/influence. Be it access to proprietary information, classified networks, interconnections on a social network, applications, or data about customers or systems that run the critical infrastructure, the more connected, the more value.

Today's critical infrastructure networks are key targets for cyber attack because they have grown to the point where they run the command and control systems, manage the logistics, enable the staff planning and operations, and are the backbone of the intelligence capabilities. More importantly today, most command and control systems, as well as the weapon systems themselves, are connected to the Global Information Grid (GIG) or have embedded computer chips. Airplanes have become flying routers receiving and sending targeting information constantly. Air Defense and Artillery are guided by computers systems and they shoot smart munitions that adjust their flight based on Global Positioning System (GPS) updates to guide themselves to the target. The Intelligence Surveillance and Reconnaissance (ISR) systems gather so much information the challenge is sifting through it to find the critical data. Today's infantry squad has communication gear, GPS, tracking devices, cameras, and night vision devices. The computer chip is ubiquitous and has become one of the U.S. centers of gravity. It is both our strength and could be turned into our weakness if taken away. The loss of GPS satellites would take away many of our advantages on the battlefield.

When we consider the military maxim "amateurs study tactics; professionals study logistics," it quickly becomes clear how important the logistical systems are. When we deploy forces into a theater of operations our capability to fight is shaped by the forces, weapons, equipment, and supplies that can be moved to the right place at the right time. Today, that is calculated and controlled by computers. An enemy can understand our intentions and abilities by tracking what is happening in the logistics system. If they can modify actions and data they can interdict, or at least impact, our capabilities.

We have discussed the tactical and operational considerations now let's look at the strategic reasons to fight on the cyber front.

Cyber Strategy and power

There are some general principles we should look at when analyzing the virtual world. When deciding on military strategies we look to the Principles of War. When evaluating plans we evaluate ends, ways, and means. When we analyze sources of national power we weigh Diplomatic, Information, Military and Economic (DIME) factors. Finally when we think of the national level tools we break them into hard power, soft power, and smart power. We will look at how all these apply to cyber warfare.

The U.S. Principles of War are Objective, Offensive, Mass, Economy of Force, Maneuver, Unity of Command, Security, Surprise, and Simplicity . As we look at cyber war we must decide if we are talking about the virtual battlefield of the Internet or the ubiquitous nature of cyber conflicts being enmeshed into the physical battlefield. Some of the principles don't easily transfer into the virtual battlefield but they all can be force multipliers in the physical battlefield. When deciding on a cyber strategy we must not throw out hundreds of years' worth of doctrine and tactics but rather understand how to modify it based on the new paradigm we are facing. This has been true of all the technical advancements on the battlefield that have caused a Revolution in Military Affairs (RMA). Having a clear objective with a simple plan that utilizes surprise while protecting our infrastructure is still the key to success. The numerous news stories we see show that defending in cyber warfare is not easy, so offensive actions are still the best way to achieve victory (this is a military statement and ignores the legal/policy challenges that must be solved). Mass is still important to achieve impacts and is validated by botnets today. Economy of force and maneuver are more difficult to apply in a battlefield with attrition and terrain being relative terms.

(Continues...)



Excerpted from Cyber Warfare by Jason Andress Steve Winterfeld Copyright © 2011 by Elsevier, Inc.. Excerpted by permission of Syngress. All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Read More Show Less

Table of Contents

Foreword Introduction Chapter 1: What is Cyber Warfare? Chapter 2: The Cyberspace Battlefield Chapter 3: Cyber Doctrine Chapter 4: Cyber Warriors Chapter 5: Logical Weapons Chapter 6: Physical Weapons Chapter 7: Psychological Weapons Chapter 8: Computer Network Exploitation Chapter 9: Computer Network Attack Chapter 10: Computer Network Defense Chapter 11: Non-State Actors in Computer Network Operations Chapter 12: Legal System Impacts Chapter 13: Ethics Chapter 14: Cyberspace Challenges Chapter 15: The Future of Cyber War Appendix: Cyber Timeline

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 3 Customer Reviews
  • Posted July 29, 2011

    The First Comprehensive Book on the Subject

    The authors, Steve Winterfield and Jason Andress, cover everything you will want to consider when thinking about how to use cyberspace to conduct warfare operations. The primary concepts have been bouncing around US military circles for over a decade but they have never been collected into one tome before. Clarke and Knake's book, "Cyber War: The Next Threat to National Security and What to Do about It," discusses how weak the US network defenses are and offers suggestions about how to improve. Carr's book, "Inside Cyber Warfare: Maping the Cyber Underworld," presents threat examples and nation state capabilities. Libicki's book, "Cyberdeterrence and Cybrewar," attacks cyberwar from a policy viewpoint and does not really address operational considerations. Stiennon's book, "Surviving Cyberwar," is a good place to start if you are new to the subject and is almost a prerequisite for this book.

    Full Disclosure: One of the authors, Steve Winterfield, used to work for me when he and I were both in the US Army wrestling with all of these ideas right after 9/11. I ran the Army Computer Emergency Response Team (ACERT) and Steve ran the Army's Southern Regional CERT (RCERT South). He and I have been friends ever since and he even quoted me in one of the back chapters.

    Although the content has been around for a while, it is striking how little the main concepts have changed. In a world where new innovations completely alter the popular culture every eighteen months, the idea that Cyber Warfare's operational principals remain static year after year is counter-intuitive. After reading through the various issues within though, you begin to understand the glacial pace. These difficult concepts spawn intractable problems and the authors do a good job of explaining them.

    The first three chapters are my favorites. Winterfield and Andress do a good job of wrapping their heads around entangled concepts like the definition of cyber warfare, the look of a cyber battle space and the current doctrine's ideas about cyber warfare from the perspective of various nations. It is fascinating.

    In the middle of the book, the authors take on the task of describing the Computer Network Operations (CNO) Spectrum; a spectrum that ranges from the very passive form of Computer Network Defense (CND) through the more active forms of Computer Network Exploitation (CNE) and Computer Network Attack (CNA). It is indeed a spectrum too because the delineation between where CND, CNE and CNA start and stop is not always clean and precise. There is overlap. And somewhere along that same spectrum is where law enforcement organizations and counter-intelligence groups operate. You can get lost fairly quickly without a guide and the authors provide that function admirably. The only thing missing from these chapters is a nice diagram that encapsulates the concept.

    Along the way the reader gets a coherent primer on the legal issues surrounding Cyber Warfare, the ethics that apply, what it takes to be a cyber warrior and a small glimpse over the horizon about what the future of Cyber Warfare might bring. In the end, Winterfield and Andress get high marks for encapsulating this complex material into an easy-to-understand manual; a foundational document that most military cyber warriors should have at their fingertips and a book that should reside on the shelf of anybody interested in the topic.

    Was this review helpful? Yes  No   Report this review
  • Posted July 28, 2011

    Great Read

    While you may or may not agree with the idea that there is an ongoing cyber war, this book provides interesting insights into the topic. One of the aspects of the book that I enjoyed was the military perspective that is highlighted on the various cyber warfare topics. This combined with the addition of the technical aspects provided a nice mix of rhetoric and techniques not found in many books on the subject today. This book gives a good overview of the cyber warfare landscape.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted March 22, 2012

    No text was provided for this review.

Sort by: Showing all of 3 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)