
Cyber Warfare
Techniques, Tactics and Tools for Security Practitioners
- 1st Edition - June 1, 2011
- Imprint: Syngress
- Authors: Jason Andress, Steve Winterfeld
- Language: English
- eBook ISBN: 978-1-59749-638-4
Cyber Warfare Techniques, Tactics and Tools for Security Practitioners provides a comprehensive look at how and why digital warfare is waged. This book explores the participants, battlefields, and the tools and techniques used during today's digital conflicts. The concepts discussed will give students of information security a better idea of how cyber conflicts are carried out now, how they will change in the future, and how to detect and defend against espionage, hacktivism, insider threats and non-state actors such as organized criminals and terrorists.
Every one of our systems is under attack from multiple vectors - our defenses must be ready all the time and our alert systems must detect the threats every time. This book provides concrete examples and real-world guidance on how to identify and defend a network against malicious attacks. It considers relevant technical and factual information from an insider's point of view, as well as the ethics, laws and consequences of cyber war and how computer criminal law may change as a result. Starting with a definition of cyber warfare, the book’s 15 chapters discuss the following topics: the cyberspace battlefield; cyber doctrine; cyber warriors; logical, physical, and psychological weapons; computer network exploitation; computer network attack and defense; non-state actors in computer network operations; legal system impacts; ethics in cyber warfare; cyberspace challenges; and the future of cyber war.
This book is a valuable resource to those involved in cyber warfare activities, including policymakers, penetration testers, security professionals, network and systems administrators, and college instructors. The information provided on cyber tactics and attacks can also be used to assist in developing improved and more efficient procedures and technical defenses. Managers will find the text useful in improving the overall risk management strategies for their organizations.
- Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks
- Dives deeply into relevant technical and factual information from an insider's point of view
- Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result
Acknowledgments
About the Authors
About the Technical Editor
Foreword
Introduction
Chapter 1 What is Cyber Warfare?
What is Cyber Warfare?
Definition for Cyber Warfare
Tactical and Operational Reasons for Cyber War
Cyber Strategy and Power
Cyber Arms Control
What is the United States Doing About the Threat of a Cyber War?
Have We Seen a Cyber War?
Case Studies
The Debate (Is it Real?)
Why Cyber Warfare is Important
Summary
Endnotes
Chapter 2 The Cyberspace Battlefield
Boundaries in Cyber Warfare
Defense in Depth
Physical Infrastructure
Organizational View
Where Cyber Fits in the War-fighting Domains
Land
Sea
Air
Space
Cyber Domain
Threatscape
Most Active Threats
Most Dangerous Threats
Motivations
Fielding Systems at the Speed of Need
Summary
Endnotes
Chapter 3 Cyber Doctrine
Current U.S. Doctrine
U.S. Forces
U.S. Air Force
U.S. Navy
U.S. Army
DoD INFOCONs
Sample Doctrine/Strategy from Around the World
Chinese Doctrine
Other Key Nations Developing Doctrine
Translating Traditional Military Doctrine
IPOE
JMEM
MOE
BDA
CAS
COIN
Guidance and Directives
CNCI
DHS
HSPD
NIST
Academia and Industry Associations
Operations and Exercises
Federal Exercises
DoD Exercises
Educational Exercises
Sample MESLs
Summary
Endnotes
Chapter 4 Cyber Warriors
What Does a Cyber Warrior Look Like?
Certifications
Education and Training
Experience and Skills
Differences from Traditional Forces
Age
Attitude
Physical Condition
Credentials
Present Cyber Warfare Forces
U.S.
China
Russia
France
Israel
Brazil
Singapore
South Korea
North Korea
Australia
Malaysia
Japan
Canada
United Kingdom
Other Countries with Cyber Forces
Corporate
Criminal
Staffing for Cyber War
Sources of Talent
Training the Next Generation
Summary
Endnotes
Chapter 5 Logical Weapons
Reconnaissance Tools
General Information Gathering
Whois
DNS
Metadata
Maltego
Defense
Scanning Tools
Nmap
Nessus
Defense
Access and Escalation Tools
Password Tools
The Metasploit Project
Immunity CANVAS
Defense
Exfiltration Tools
Physical Exfiltration
Encryption and Steganography
Using Common Protocols
Out of Band Methods
Defense
Sustainment Tools
Adding “Authorized” Access
Backdoors
Defense
Assault Tools
Meddling with Software
Attacking Hardware
Defense
Obfuscation Tools
Location Obscuration
Log Manipulation
File Manipulation
Defense
Summary
Endnotes
Chapter 6 Physical Weapons
How the Logical and Physical Realms are Connected
Logical Systems Run on Physical Hardware
Logical Attacks Can Have Physical Effects
Infrastructure Concerns
What is SCADA?
What Security Issues are Present in the World of SCADA?
What are the Consequences of SCADA Failures?
Supply Chain Concerns
Compromised Hardware
Deliberately Corrupted Components
Non-Technical Issues
Tools for Physical Attack and Defense
Electromagnetic Attacks
Covert Activity
Summary
Endnotes
Chapter 7 Psychological Weapons
Social Engineering Explained
Is Social Engineering Science?
SE Tactics Techniques and Procedures (TTPs)
Types of SE Approaches
Types of SE Methodologies
How the Military Approaches Social Engineering
Army Doctrine
How the Military Defends Against Social Engineering
How the Army does CI
An Air Force Approach
Summary
Endnotes
Chapter 8 Computer Network Exploitation
Intelligence and Counter-Intelligence
Sources of Cyber Attacks
Attackers and Sponsors of Attacks
Reconnaissance
Open Source Intelligence
Passive Reconnaissance
Surveillance
Justifications for Surveillance
Advanced Persistent Threat
Voice Surveillance
Data Surveillance
Large-Scale Surveillance Programs
Uses of Surveillance Data
Summary
Endnotes
Chapter 9 Computer Network Attack
Waging War in the Cyber Era
Physically
Electronically
Logically
Reactively vs. Proactively
Time as a Factor
The Attack Process
Recon
Scan
Access
Escalate
Exfiltrate
Assault
Sustain
Obfuscate
Summary
Endnotes
Chapter 10 Computer Network Defense
What We Protect
Confidentiality, Integrity, Availability
Authenticate, Authorize, and Audit
Security Awareness and Training
Awareness
Training
Defending against Cyber Attacks
Policy and Compliance
Surveillance, Data Mining, and Pattern Matching
Intrusion Detection and Prevention
Vulnerability Assessment and Penetration Testing
Disaster Recovery Planning
Defense in Depth
Summary
Endnotes
Chapter 11 Non-State Actors in Computer Network Operations
Individual Actors
Script Kiddies
Malware Authors
Scammers
Blackhats
Hacktivists
Patriot Hackers
Corporations
Motivation for Corporations to Act in Cyber Warfare
Cyber Terrorism
Reasons for Cyber Terrorist Attacks
What Will Happen When We See a Cyber Terrorist Attack?
Organized Cyber Crime
Motivations for Criminal Organizations
Autonomous Actors
Exploratory Systems
Attack Systems
Defensive Systems
Summary
Endnotes
Chapter 12 Legal System Impacts
Legal Systems
International
United States Laws
Criminal Law
Key U.S. Laws
International Trafficking in Arms Regulations
U.S. Cyber Related Laws
Privacy Impacts
Electronic Communications Privacy Act
Digital Forensics
Certification
Summary
Endnotes
Chapter 13 Ethics
Ethics in Cyber Warfare
Use of Force
Intent
Secrecy
Attribution
Military Ethics
Bellum Iustum (Just War Theory)
Jus ad Bellum (The Right to Wage War)
Jus in Bello (Proper Conduct in War)
Jus Post Bellum (Justice after War)
Summary
Endnotes
Chapter 14 Cyberspace Challenges
Cybersecurity Issues Defined
Policy
Processes
Technical
Skills
People
Organization
Core (Impacting All Areas)
Interrelationship of Cybersecurity Issues
Way Ahead
Summary
Endnotes
Chapter 15 The Future of Cyber War
Near Term Trends
Most Likely and Most Dangerous Courses of Action
New Technologies and New Problems
International Interactions
Summary
Endnotes
Appendix: Cyber Timeline
Index