Cyber Warfare explores the battlefields, participants and the tools and techniques used during today's digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats, and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors--our defenses must be ready all the time and our alert systems must detect the threats every time.
- Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks
- Dives deeply into relevant technical and factual information from an insider's point of view
- Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result
Amazon Exclusive: Notes from Steve Winterfeld and Jason Andress, Authors of Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners
Although we have not had a cyber event that has motivated a country western song, there has been a major uptick in activity recently.
- According to The Wall Street Journal, the Pentagon has announced that cyber attacks can be considered an act of war.
- The Washington Post has published a DoD list of cyber weapons.
- Major Defense contractors (Lockeed Martin, Northrop Grumman) as well as RSA were hacked by the Advanced Persistent Threat (state-sponsored threat most often associated with China).
- Sony, the Public Broadcast System (PBS) and others have been hacked by Anonymous (a caused-based hackavist group). NATO talks about this group as a concern in a report to the General Assembly of the United Nations.
- The U.S. President issued his International Strategy for Cyberspace and his Cybersecurity Legislative Proposal.
- China has openly admitted to standing up a “cyber blue team.”
- CNBC has aired a special titled “Code Wars,” covering the expanding threats we face.
It seems like a week doesn’t go by without a cyber story on the front page. We wrote Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners to help put these individual events in context as part of a larger environment with individual, organizational and national actors.
Featured Excerpts from Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners
Top Documents to Read Related to Cyber Warfare
- Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure; Melissa Hathaway (May 2009)
- Joint Terminology for Cyberspace Operations from Joint Staff (November, 2010)
- Memorandum of Agreement Between the Department of Homeland Security and Department of Defense Regarding Cybersecurity by Janet Napolitano and Robert Gates (October 2010)
- Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation for US-China Economic and Security Review Commission (October 2009)
- Global Energy Cyber attacks: “Night Dragon” By McAfee® Foundstone® outlining efforts to infiltrate Energy Sector (February 2011)
- Project Grey Goose report reviewing cyber warfare as part of Russia’s attack on Georgia (January 2010)
- Tracking GhostNet : Investigating a Cyber Espionage Network (March 2009)
Key Related Documents Published After Cyber Warfare Went to Press:
- Cybersecurity Two Years Later By CSIS Commission on Cybersecurity for the 44th Presidency (January 31, 2011)
- Cybersecurity Proposed Legislation; The White House (May 12, 2011)
- International Strategy for Cyberspace; The White House (May, 2011)
- Department of Defense Strategy for Operating in Cyberspace; Department of Defense (July 2011)
Great Annual Reports to Keep Up With:
- The Top Cyber Security Risks by SANS
- 2010/2011 Computer Crime and Security Survey (15th Annual) by Computer Security Institute
- Ponemon Institute Annual Study: Cost of a Data Breach
- Symantec Global Internet Security Threat Reports
- Verizon Annual Data Breach Investigations Report
"…aimed at a military audience, this book offers concepts and examples largely from the U.S. Military."--Security Management, January 2013, page 60 "This book of around 300 pages and some 15 chapters, with a ‘cyber timeline’ appendix, provides an adequate coverage of the topics given that the whole area is subject to rapid change in both technical and policy terms. The foreword to the book again sets the scene. It asks the question ‘just what should teaching on this vital subject involve and how should it be done?’. It then sets out the aim of the book as, to quote, ‘to cover the strategic, operational, and tactical aspects of the conflicts in cyberspace today.’ This ambitious aim is partially met but mainly from an intensely USA perspective even though some reviews are done of international policy settings as of the date of writing."--Computers & Security "The book is also crammed with details that keep it from being too dry a treatise ― right from the foreword, where the president of security experts The SANS Institute confesses to being fooled into friending a fake Facebook persona (luckily for him, set up by a security researcher). The short final section of perspectives from a range of security experts is thought-provoking, but mostly this is a rigorous analysis of every aspect of cyber-war and defences against it…. At the end of Cyber Warfare you won't have a definitive answer on whether a true cyber-war is imminent. What you will have is a far better idea of the complexity of the situation, and a clear view of where to start evaluating threats to your infrastructure and how to protect against them."--ZDNet UK "Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines to the front lines with frequent stops in underground communities, legislative halls and anywhere hackers (ethical or otherwise) are in high demand. This book serves as a report on the current cyber state of affairs on a global scale, as a career guide to those looking to enter this burgeoning field, and, most importantly, as a reference on protecting assets that are unmistakably in the field of battle...whether intended or not."--Donald C. Donzal, Editor-In-Chief, The Ethical Hacker Network "A fifth domain of war has been added to land, air, sea and space: cyber. Malware capable of taking a nuclear program offline was science fiction 5 years ago: Stuxnet demonstrates that information security is now a matter of national security. This timely and necessary book provides an assessment of the current state of cyber warfare, and more importantly, where the conflict is heading. Highly recommended for information security professionals."--Eric Conrad, Lead Author, CISSP Study Guide, President, Backshore Communications "Now another view on cyber security comes from Steve Winterfeld, co-author of the recently published book on the subject, Cyber Warfare, Techniques, Tactics and tools for Security Practitioners, who believes the answer lies in punishing the hackers. ‘Somewhere along the line we are going to have to change the cost/benefit equation,’ said Winterfeld, "arresting and going after the individual, that’s how we change the costs." But on state sponsored cyber warfare Winterfeld admits that is very difficult, and says he covers it thoroughly in chapter 14 of his book. Both Winterfeld and Oates spoke by phone on the ScienceNews Radio Network program, the Promise of Tomorrow with Colonel Mason."--News Examiner "Cyber Warfare explores the battlefields, participants and the tools and techniques used during today’s digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and no-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors-our defenses must be ready all the time and our alert systems must detect the threats every time."--The Journal (of Law Enforcement)