Uh-oh, it looks like your Internet Explorer is out of date.

For a better shopping experience, please upgrade now.

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

by Jason Andress

See All Formats & Editions

Cyber Warfare Techniques, Tactics and Tools for Security Practitioners provides a comprehensive look at how and why digital warfare is waged. This book explores the participants, battlefields, and the tools and techniques used during today's digital conflicts. The concepts discussed will give students of information security a better idea of how cyber


Cyber Warfare Techniques, Tactics and Tools for Security Practitioners provides a comprehensive look at how and why digital warfare is waged. This book explores the participants, battlefields, and the tools and techniques used during today's digital conflicts. The concepts discussed will give students of information security a better idea of how cyber conflicts are carried out now, how they will change in the future, and how to detect and defend against espionage, hacktivism, insider threats and non-state actors such as organized criminals and terrorists.

Every one of our systems is under attack from multiple vectors - our defenses must be ready all the time and our alert systems must detect the threats every time. This book provides concrete examples and real-world guidance on how to identify and defend a network against malicious attacks. It considers relevant technical and factual information from an insider's point of view, as well as the ethics, laws and consequences of cyber war and how computer criminal law may change as a result. Starting with a definition of cyber warfare, the book’s 15 chapters discuss the following topics: the cyberspace battlefield; cyber doctrine; cyber warriors; logical, physical, and psychological weapons; computer network exploitation; computer network attack and defense; non-state actors in computer network operations; legal system impacts; ethics in cyber warfare; cyberspace challenges; and the future of cyber war.

This book is a valuable resource to those involved in cyber warfare activities, including policymakers, penetration testers, security professionals, network and systems administrators, and college instructors. The information provided on cyber tactics and attacks can also be used to assist in developing improved and more efficient procedures and technical defenses. Managers will find the text useful in improving the overall risk management strategies for their organizations.

  • Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks
  • Dives deeply into relevant technical and factual information from an insider's point of view
  • Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result

Editorial Reviews

From the Publisher
"Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines to the front lines with frequent stops in underground communities, legislative halls and anywhere hackers (ethical or otherwise) are in high demand. This book serves as a report on the current cyber state of affairs on a global scale, as a career guide to those looking to enter this burgeoning field, and, most importantly, as a reference on protecting assets that are unmistakably in the field of battle...whether intended or not."—Donald C. Donzal, Editor-In-Chief, The Ethical Hacker Network

"A fifth domain of war has been added to land, air, sea and space: cyber. Malware capable of taking a nuclear program offline was science fiction 5 years ago: Stuxnet demonstrates that information security is now a matter of national security. This timely and necessary book provides an assessment of the current state of cyber warfare, and more importantly, where the conflict is heading. Highly recommended for information security professionals."—Eric Conrad, Lead Author, CISSP Study Guide, President, Backshore Communications

Product Details

Elsevier Science
Publication date:
Sold by:
Barnes & Noble
File size:
4 MB

Read an Excerpt

Cyber Warfare

Techniques, Tactics and Tools for Security Practitioners
By Jason Andress Steve Winterfeld


Copyright © 2011 Elsevier, Inc.
All right reserved.

ISBN: 978-1-59749-638-4

Chapter One

What is Cyber Warfare?


• What is Cyber Warfare?

• Have We Seen a Cyber War?

• Why Cyber Warfare is Important

We are constantly bombarded with news about Internet events today. Cyber crime is up. Computer users need to watch out for the latest phishing attack trying to steal our identity, update our anti-virus to avoid infection, patch the operating system to avoid a hacker taking control, new zero day attack against smart phones, Facebook privacy compromised, someone took down Twitter, and now we are hearing about Cyber War.

This book will help you understand what cyber warfare is, how it can impact your life or business on a personal level, and explore the national aspect from both the policy and practical levels. It will take you from the strategic through to the tactical level explaining the people, methods, virtual battlefield framework, tools, trends, impacts, and way ahead.


We have been reading about cyber acts of aggression for years now. Cliff Stoll first published The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage in 1989 about Soviet Bloc countries breaking into Department of Defense (DoD) sponsored networks. Seven years later we see a very similar storyline from both sides of the hack in Take-Down: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It by Tsutomu Shimomura and John Markoff with its opposing view in the book The Fugitive Game: Online with Kevin Mitnick by Jonathan Littman. Today we see a host of books on crime, hacking, defensive practices, and certification prep guides not to mention cyber plots in fiction books like The Blue Nowhere by Jeffrey Deaver, Debt of Honor by Tom Clancy, or The Scorpion's Gate by Richard A. Clarke.

We also see touches of cyber warfare in the movies starting with War Games in 1983 where a kid breaks into a military network and accidently almost starts World War III to Sneakers in 1992 where all data encryption is compromised to Swordfish where intelligence agencies use hacking to support their activities to the epic Die Hard 4: Live Free or Die Hard in 2007 when criminals pose as terrorists and take down the Internet and all the critical infrastructure it supports. There are a lot of great books and movies not mentioned but this sample list points to the evolution of Cyber Warfare into mainstream thinking and how it can be used as a tool to conduct espionage, crime, terror, and warfare.

America's information dominance tools, which helped win the Cold War, have become its Achilles heel of the cyber conflict we are in today. Our technology was far ahead of any competitor nation and we outspent them to keep the edge. Today we are more dependent on this technology than ever before, most of which is now available to our partners, competitors, and adversaries. At the same time the cost of entry into this arms race is incredibly low. Furthermore the benefits of attacking someone far outweighs the dangers. This has led to what many are calling a Cyber War.

Definition for Cyber Warfare

A definition of Cyber Warfare is not easy. In fact definitions for Cyber or Warfare are both under debate. We will start with a simple definition of Cyber or Cyberspace. For the purpose of this chapter we will frame the definition in the context of military environment.

The DoD defines cyberspace as the notional environment in which digitized information is communicated over computer networks (Figure 1.1).

The National Military Strategy for Cyberspace Operations defines cyberspace as the domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures.

The DoD (Joint Publication 3.0 Joint Operations 17 September 2006 Incorporating Change 2, 22 March 2010) defines cyberspace as a global domain within the information environment. It consists of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Within cyberspace, electronics, and the electromagnetic spectrum are used to store, modify, and exchange data via networked systems. Cyberspace operations employ cyberspace capabilities primarily to achieve objectives in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid.

United Nations (UN) defines cyber as "the global system of systems of Internetted computers, communications infrastructures, online conferencing entities, databases and information utilities generally known as the Net." This mostly means the Internet; but the term may also be used to refer to the specific, bounded electronic information environment of a corporation or of a military, government, or other organization.

For a definition of warfare we cannot turn to an authoritative source. The UN does not have a definition, so we will default to the two historical standards for military doctrine: On War, the exhaustive work documenting tactics during the Napoleonic War period in 1873 and The Art of War a more condensed version of how to conduct warfare composed in sixth century BC.

ON WAR – We shall not enter into any of the abstruse definitions of war used by publicists. We shall keep to the element of the thing itself, to a duel. War is nothing but a duel on an extensive scale. If we would conceive as a unit the countless number of duels which make up a war, we shall do so best by supposing to ourselves two wrestlers. Each strives by physical force to compel the other to submit to his will: his first object is to throw his adversary, and thus to render him incapable of further resistance. War therefore is an act of violence to compel our opponent to fulfill our will.

ART OF WAR – The art of war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected. The art of war, then, is governed by five constant factors, to be taken into account in one's deliberations, when seeking to determine the conditions obtaining in the field. These are: (1) The Moral Law; (2) Heaven; (3) Earth; (4) The Commander; (5) Method and discipline.

Are these definitions applicable to what is happening on the Internet today? Can these historical concepts be applied to the virtual world? Is the military perspective the right one to look at this problem through? The answer is a declarative: YES. That is why we felt this book was needed. First there is no governing body to determine what definition we should use, so the definition is normally based on the perspective of the person speaking. Governments, finance companies, Internet providers, international corporations, organizations with a specific cause, and lawyers would all give us a different answer. As for historical concepts, there are many that are based on geography which no longer apply, but most principles and practices can be modified to be useful when it comes to the new World Wide Web's Wild West. Finally, we think if we are going to use the term warfare we should use the military perspective but throughout this book we will take the time to explore the other options because our systems are connected to the same battlefield on which the nation states are fighting!

Tactical and Operational Reasons for Cyber War

The motivations are as old as time. Whether individuals or nations, it comes down to power/greed versus protection of self/country. Traditionally it was about controlling limited resources but today the power of a network is not determined by resources but the number of nodes on it which equates to the power of information/influence. Be it access to proprietary information, classified networks, interconnections on a social network, applications, or data about customers or systems that run the critical infrastructure, the more connected, the more value.

Today's critical infrastructure networks are key targets for cyber attack because they have grown to the point where they run the command and control systems, manage the logistics, enable the staff planning and operations, and are the backbone of the intelligence capabilities. More importantly today, most command and control systems, as well as the weapon systems themselves, are connected to the Global Information Grid (GIG) or have embedded computer chips. Airplanes have become flying routers receiving and sending targeting information constantly. Air Defense and Artillery are guided by computers systems and they shoot smart munitions that adjust their flight based on Global Positioning System (GPS) updates to guide themselves to the target. The Intelligence Surveillance and Reconnaissance (ISR) systems gather so much information the challenge is sifting through it to find the critical data. Today's infantry squad has communication gear, GPS, tracking devices, cameras, and night vision devices. The computer chip is ubiquitous and has become one of the U.S. centers of gravity. It is both our strength and could be turned into our weakness if taken away. The loss of GPS satellites would take away many of our advantages on the battlefield.

When we consider the military maxim "amateurs study tactics; professionals study logistics," it quickly becomes clear how important the logistical systems are. When we deploy forces into a theater of operations our capability to fight is shaped by the forces, weapons, equipment, and supplies that can be moved to the right place at the right time. Today, that is calculated and controlled by computers. An enemy can understand our intentions and abilities by tracking what is happening in the logistics system. If they can modify actions and data they can interdict, or at least impact, our capabilities.

We have discussed the tactical and operational considerations now let's look at the strategic reasons to fight on the cyber front.

Cyber Strategy and power

There are some general principles we should look at when analyzing the virtual world. When deciding on military strategies we look to the Principles of War. When evaluating plans we evaluate ends, ways, and means. When we analyze sources of national power we weigh Diplomatic, Information, Military and Economic (DIME) factors. Finally when we think of the national level tools we break them into hard power, soft power, and smart power. We will look at how all these apply to cyber warfare.

The U.S. Principles of War are Objective, Offensive, Mass, Economy of Force, Maneuver, Unity of Command, Security, Surprise, and Simplicity . As we look at cyber war we must decide if we are talking about the virtual battlefield of the Internet or the ubiquitous nature of cyber conflicts being enmeshed into the physical battlefield. Some of the principles don't easily transfer into the virtual battlefield but they all can be force multipliers in the physical battlefield. When deciding on a cyber strategy we must not throw out hundreds of years' worth of doctrine and tactics but rather understand how to modify it based on the new paradigm we are facing. This has been true of all the technical advancements on the battlefield that have caused a Revolution in Military Affairs (RMA). Having a clear objective with a simple plan that utilizes surprise while protecting our infrastructure is still the key to success. The numerous news stories we see show that defending in cyber warfare is not easy, so offensive actions are still the best way to achieve victory (this is a military statement and ignores the legal/policy challenges that must be solved). Mass is still important to achieve impacts and is validated by botnets today. Economy of force and maneuver are more difficult to apply in a battlefield with attrition and terrain being relative terms.


Excerpted from Cyber Warfare by Jason Andress Steve Winterfeld Copyright © 2011 by Elsevier, Inc.. Excerpted by permission of Syngress. All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Meet the Author

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.
Steve Winterfeld (CISSP, PMP, SANS GSEC, Six Sigma) has a strong technical and leadership background in Cybersecurity, Military Intelligence, Certification&Accreditation (C&A), Simulations and Project Management.

Customer Reviews

Average Review:

Post to your social network


Most Helpful Customer Reviews

See all customer reviews