Customer Review

10 of 10 people found the following review helpful
4.0 out of 5 stars Overall a book worth reading, with some caveats, October 10, 2010
Verified Purchase(What's this?)
This review is from: Cyber War: The Next Threat to National Security and What to Do About It (Hardcover)
The jacket for "Cyber War" (CW) says "This is the first book about the war of the future -- cyber war." That's not true, but I would blame the publisher for those words and not the authors. A look back to 1998 reveals books like James Adams' "The Next World War: Computers Are the Weapons & the Front Line Is Everywhere," a book whose title is probably cooler than its contents. (I read it back then but did not review it.) So what's the value of CW? I recommend reading the book if you'd like a Beltway insider's view of government and military information warfare history, combined with a few recommendations that could make a difference. CW is strongest when drawing on the authors' experience with arms control but weakest when trying to advocate technical "solutions."

Early in the book I liked the "modern history" of cyber war. I especially enjoyed comparisons with the US military's experiences creating Space Command. I lived through some of that period but was unaware how Space Command's history affected creation of Cyber Command. Later, the book is almost derailed by the over-the-top cyber-geddon described at the end of chapter 3. It's just not necessary to include several pages where everything fails simultaneously, and I bet it erodes the confidence some readers have in the story. I'd remove the doom-and-gloom in future editions because I think people can imagine disasters fairly easily. Push through to chapter 4 and the book is once again on a sensible path, at least with respect to policy and history. For example, I loved reading Microsoft's lobbying goals: don't regulate, keep the military as a customer, and don't critique China! These rang true for me.

Shortly thereafter we encounter the weakest part of CW: technical advice. These sections assume that inspecting and blocking traffic at the ISP level using "deep packet inspection" (DPI), especially "where fiber optic cables come up out of the ocean" (p 163), with signatures from malware companies, is a strategy to protect us from nation-states and other adversaries. I'd like to know how this silly idea is supposed to be any different from the defenses deployed on private networks. Even if .gov provided special "signatures" in "black boxes" at ISPs to "block attacks," sufficiently equipped and motivated adversaries would evade them. The authors admit this already happens on p 260. (On a final technical note: please replace the mathematically impossible IP addresses with something accurate, where each octet is less than 256!)

These weak technical defensive ideas erode one of the authors' main points: reliance on defense instead of offense to counter threats. This will not work because their defensive ideas will fail (and have already failed). They also promote a "declaratory posture" on pp 176-178, with which I agree because it warns adversaries how the US would react to cyber attacks. However, that echoes the concept that the best defense is a good offense, which the authors dislike. The authors also frown on ideas of deterrence, but they (like others) narrowly focus on deterrence via weapon systems (as was the case with nukes). Instead, deterrence in cyberspace should be (and already is) based on the *skill of operators* and their *reputation in battle*. For example, Israel is likely building itself a reputation in cyberspace; who cares about the specific weapons at play?

Finally, the authors discuss cyber war itself, with their definition on p 228 hinging on the word "purpose," meaning the adversary's intent determines whether war is happening or not. I can't believe someone would build policy based on adversary intent, because that can never be conclusively known and could be estimated to be whatever suits the victim's plans. I love General Minihan's quote on p 236 that "we are conducting warfare activities without thinking that it is war." The difference I see between the US and Chinese or Russians is that the Chinese and Russians know cyber war is already happening, but the US does not. The CW authors fall into this trap by talking about "economic warfare" (p 277) without realizing that undermining the US economy *is* the war. I liked the authors' recommendations to ban attacks on civilian infrastructure, along with "bilateral, private" discussions with adversaries; those are far more likely to help compared to DPI, encrypting the electrical grid (p 260), and a "Military Protocol" (p 274).

I bought and read CW, and I think you would enjoy it too.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No

Be the first person to comment on this review.

[Add comment]
Post a comment
To insert a product link use the format: [[ASIN:ASIN product-title]] (What's this?)
Amazon will display this name with all your submissions, including reviews and discussion posts. (Learn more)
This badge will be assigned to you and will appear along with your name.
There was an error. Please try again.
Please see the full guidelines here.

Official Comment

As a representative of this product you can post one Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
The following name and badge will be shown with this comment:
 (edit name)
After clicking the Post button you will be asked to create your public name, which will be shown with all your contributions.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.  Learn more
Otherwise, you can still post a regular comment on this review.

Is this your product?

If you are the author, artist, manufacturer or an official representative of this product, you can post an Official Comment on this review. It will appear immediately below the review wherever it is displayed.   Learn more
System timed out

We were unable to verify whether you represent the product. Please try again later, or retry now. Otherwise you can post a regular comment.

Since you previously posted an Official Comment, this comment will appear in the comment section below. You also have the option to edit your Official Comment.   Learn more
The maximum number of Official Comments have been posted. This comment will appear in the comment section below.   Learn more
Prompts for sign-in

Review Details



Location: Metro Washington, DC

Top Reviewer Ranking: 16,807