
Cyber Warfare

Techniques, Tactics and Tools for Security Practitioners

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners discusses the strategic, operational, and tactical aspects of cyber warfare. The book provides information that organizations can use to develop a strategic vision for cyber security, but it is also designed to spur national debate on the direction of cyber warfare. Starting with a definition of cyber warfare, the book’s 15 chapters discuss the following topics: the cyberspace battlefield; cyber doctrine; cyber warriors; logical, physical, and psychological weapons; computer network exploitation; computer network attack and defense; non-state actors in computer network operations; legal system impacts; ethics in cyber warfare; cyberspace challenges; and the future of cyber war. This book is a valuable resource to those involved in cyber warfare activities, including policymakers, penetration testers, security professionals, network and systems administrators, and college instructors. The information provided on cyber tactics and attacks can also be used to assist in developing improved and more efficient procedures and technical defenses. Managers will find the text useful in improving the overall risk management strategies for their organizations.

Audience
Information security practitioners, network security administrators, computer system administrators, security analysts

Published: June 2011

Imprint: Syngress

ISBN: 978-1-59749-637-7

Reviews

  • "…aimed at a military audience, this book offers concepts and examples largely from the U.S. Military."--Security Management, January 2013, page 60
    "This book of around 300 pages and some 15 chapters, with a ‘cyber timeline’ appendix, provides an adequate coverage of the topics given that the whole area is subject to rapid change in both technical and policy terms. The foreword to the book again sets the scene. It asks the question ‘just what should teaching on this vital subject involve and how should it be done?’. It then sets out the aim of the book as, to quote, ‘to cover the strategic, operational, and tactical aspects of the conflicts in cyberspace today.’ This ambitious aim is partially met but mainly from an intensely USA perspective even though some reviews are done of international policy settings as of the date of writing."--Computers & Security
    "The book is also crammed with details that keep it from being too dry a treatise - right from the foreword, where the president of security experts The SANS Institute confesses to being fooled into friending a fake Facebook persona (luckily for him, set up by a security researcher). The short final section of perspectives from a range of security experts is thought-provoking, but mostly this is a rigorous analysis of every aspect of cyber-war and defences against it…. At the end of Cyber Warfare you won't have a definitive answer on whether a true cyber-war is imminent. What you will have is a far better idea of the complexity of the situation, and a clear view of where to start evaluating threats to your infrastructure and how to protect against them."--ZDNet UK
    "Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines to the front lines with frequent stops in underground communities, legislative halls and anywhere hackers (ethical or otherwise) are in high demand. This book serves as a report on the current cyber state of affairs on a global scale, as a career guide to those looking to enter this burgeoning field, and, most importantly, as a reference on protecting assets that are unmistakably in the field of battle...whether intended or not."--Donald C. Donzal, Editor-In-Chief, The Ethical Hacker Network
    "A fifth domain of war has been added to land, air, sea and space: cyber. Malware capable of taking a nuclear program offline was science fiction 5 years ago: Stuxnet demonstrates that information security is now a matter of national security. This timely and necessary book provides an assessment of the current state of cyber warfare, and more importantly, where the conflict is heading. Highly recommended for information security professionals."--Eric Conrad, Lead Author, CISSP Study Guide, President, Backshore Communications
    "Now another view on cyber security comes from Steve Winterfeld, co-author of the recently published book on the subject, Cyber Warfare, Techniques, Tactics and tools for Security Practitioners, who believes the answer lies in punishing the hackers. ‘Somewhere along the line we are going to have to change the cost/benefit equation,’ said Winterfeld, "arresting and going after the individual, that’s how we change the costs." But on state sponsored cyber warfare Winterfeld admits that is very difficult, and says he covers it thoroughly in chapter 14 of his book. Both Winterfeld and Oates spoke by phone on the ScienceNews Radio Network program, the Promise of Tomorrow with Colonel Mason."--News Examiner
    "Cyber Warfare explores the battlefields, participants and the tools and techniques used during today’s digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors-our defenses must be ready all the time and our alert systems must detect the threats every time."--The Journal (of Law Enforcement)


Contents


  • Acknowledgments

    About the Authors

    About the Technical Editor

    Foreword

    Introduction

    Chapter 1 What is Cyber Warfare?

    What is Cyber Warfare?

    Definition for Cyber Warfare

    Tactical and Operational Reasons for Cyber War

    Cyber Strategy and Power

    Cyber Arms Control

    What is the United States Doing About the Threat of a Cyber War?

    Have We Seen a Cyber War?

    Case Studies

    The Debate (Is it Real?)

    Why Cyber Warfare is Important

    Summary

    Endnotes

    Chapter 2 The Cyberspace Battlefield

    Boundaries in Cyber Warfare

    Defense in Depth

    Physical Infrastructure

    Organizational View

    Where Cyber Fits in the War-fighting Domains

    Land

    Sea

    Air

    Space

    Cyber Domain

    Threatscape

    Most Active Threats

    Most Dangerous Threats

    Motivations

    Fielding Systems at the Speed of Need

    Summary

    Endnotes

    Chapter 3 Cyber Doctrine

    Current U.S. Doctrine

    U.S. Forces

    U.S. Air Force

    U.S. Navy

    U.S. Army

    DoD INFOCONs

    Sample Doctrine/Strategy from Around the World

    Chinese Doctrine

    Other Key Nations Developing Doctrine

    Translating Traditional Military Doctrine

    IPOE

    JMEM

    MOE

    BDA

    CAS

    COIN

    Guidance and Directives

    CNCI

    DHS

    HSPD

    NIST

    Academia and Industry Associations

    Operations and Exercises

    Federal Exercises

    DoD Exercises

    Educational Exercises

    Sample MESLs

    Summary

    Endnotes

    Chapter 4 Cyber Warriors

    What Does a Cyber Warrior Look Like?

    Certifications

    Education and Training

    Experience and Skills

    Differences from Traditional Forces

    Age

    Attitude

    Physical Condition

    Credentials

    Present Cyber Warfare Forces

    U.S.

    China

    Russia

    France

    Israel

    Brazil

    Singapore

    South Korea

    North Korea

    Australia

    Malaysia

    Japan

    Canada

    United Kingdom

    Other Countries with Cyber Forces

    Corporate

    Criminal

    Staffing for Cyber War

    Sources of Talent

    Training the Next Generation

    Summary

    Endnotes

    Chapter 5 Logical Weapons

    Reconnaissance Tools

    General Information Gathering

    Whois

    DNS

    Metadata

    Maltego

    Defense

    Scanning Tools

    Nmap

    Nessus

    Defense

    Access and Escalation Tools

    Password Tools

    The Metasploit Project

    Immunity CANVAS

    Defense

    Exfiltration Tools

    Physical Exfiltration

    Encryption and Steganography

    Using Common Protocols

    Out of Band Methods

    Defense

    Sustainment Tools

    Adding “Authorized” Access

    Backdoors

    Defense

    Assault Tools

    Meddling with Software

    Attacking Hardware

    Defense

    Obfuscation Tools

    Location Obscuration

    Log Manipulation

    File Manipulation

    Defense

    Summary

    Endnotes

    Chapter 6 Physical Weapons

    How the Logical and Physical Realms are Connected

    Logical Systems Run on Physical Hardware

    Logical Attacks Can Have Physical Effects

    Infrastructure Concerns

    What is SCADA?

    What Security Issues are Present in the World of SCADA?

    What are the Consequences of SCADA Failures?

    Supply Chain Concerns

    Compromised Hardware

    Deliberately Corrupted Components

    Non-Technical Issues

    Tools for Physical Attack and Defense

    Electromagnetic Attacks

    Covert Activity

    Summary

    Endnotes

    Chapter 7 Psychological Weapons

    Social Engineering Explained

    Is Social Engineering Science?

    SE Tactics Techniques and Procedures (TTPs)

    Types of SE Approaches

    Types of SE Methodologies

    How the Military Approaches Social Engineering

    Army Doctrine

    How the Military Defends Against Social Engineering

    How the Army does CI

    An Air Force Approach

    Summary

    Endnotes

    Chapter 8 Computer Network Exploitation

    Intelligence and Counter-Intelligence

    Sources of Cyber Attacks

    Attackers and Sponsors of Attacks

    Reconnaissance

    Open Source Intelligence

    Passive Reconnaissance

    Surveillance

    Justifications for Surveillance

    Advanced Persistent Threat

    Voice Surveillance

    Data Surveillance

    Large-Scale Surveillance Programs

    Uses of Surveillance Data

    Summary

    Endnotes

    Chapter 9 Computer Network Attack

    Waging War in the Cyber Era

    Physically

    Electronically

    Logically

    Reactively vs. Proactively

    Time as a Factor

    The Attack Process

    Recon

    Scan

    Access

    Escalate

    Exfiltrate

    Assault

    Sustain

    Obfuscate

    Summary

    Endnotes

    Chapter 10 Computer Network Defense

    What We Protect

    Confidentiality, Integrity, Availability

    Authenticate, Authorize, and Audit

    Security Awareness and Training

    Awareness

    Training

    Defending against Cyber Attacks

    Policy and Compliance

    Surveillance, Data Mining, and Pattern Matching

    Intrusion Detection and Prevention

    Vulnerability Assessment and Penetration Testing

    Disaster Recovery Planning

    Defense in Depth

    Summary

    Endnotes

    Chapter 11 Non-State Actors in Computer Network Operations

    Individual Actors

    Script Kiddies

    Malware Authors

    Scammers

    Blackhats

    Hacktivists

    Patriot Hackers

    Corporations

    Motivation for Corporations to Act in Cyber Warfare

    Cyber Terrorism

    Reasons for Cyber Terrorist Attacks

    What Will Happen When We See a Cyber Terrorist Attack?

    Organized Cyber Crime

    Motivations for Criminal Organizations

    Autonomous Actors

    Exploratory Systems

    Attack Systems

    Defensive Systems

    Summary

    Endnotes

    Chapter 12 Legal System Impacts

    Legal Systems

    International

    United States Laws

    Criminal Law

    Key U.S. Laws

    International Trafficking in Arms Regulations

    U.S. Cyber Related Laws

    Privacy Impacts

    Electronic Communications Privacy Act

    Digital Forensics

    Certification

    Summary

    Endnotes

    Chapter 13 Ethics

    Ethics in Cyber Warfare

    Use of Force

    Intent

    Secrecy

    Attribution

    Military Ethics

    Bellum Iustum (Just War Theory)

    Jus ad Bellum (The Right to Wage War)

    Jus in Bello (Proper Conduct in War)

    Jus Post Bellum (Justice after War)

    Summary

    Endnotes

    Chapter 14 Cyberspace Challenges

    Cybersecurity Issues Defined

    Policy

    Processes

    Technical

    Skills

    People

    Organization

    Core (Impacting All Areas)

    Interrelationship of Cybersecurity Issues

    Way Ahead

    Summary

    Endnotes

    Chapter 15 The Future of Cyber War

    Near Term Trends

    Most Likely and Most Dangerous Courses of Action

    New Technologies and New Problems

    International Interactions

    Summary

    Endnotes

    Appendix: Cyber Timeline

    Index



