Contents |
Preface -- Foreword -- Introduction -- Biography -- 1. Cyber Warfare: Here and Now -- What Is Cyber War? -- Is Cyber War a Credible Threat? -- Attribution, Deception, and Intelligence -- Information Assurance -- I. Cyber Attack -- 2. Political Cyber Attack Comes of Age in 2007 -- Reliance on Information as a Vulnerability -- Rudimentary but Effective: Denial of Service -- Leaving Unwanted Messages: Web Site Defacement -- Tools for Denial of Service -- The Difficulty of Assigning Blame: Why Attribution Is Tough in a DDoS Attack -- Estonia Is Hit by Cyber Attacks -- General Response to DDoS -- Summary -- Suggested Further Reading -- 3. How Cyber Attacks Augmented Russian Military Operations -- The 2008 Russian Cyber Campaign Against Georgia -- What Is Interesting About the Russian Cyber Campaign -- Preparing for a Cyber-Capable Adversary -- Summary -- Suggested Further Reading -- 4. When Who Tells the Best Story Wins: Cyber and Information Operations in the Middle East -- Hijacking Noncombatant Civilian IP Addresses to Help the War Effort: The Israel-Hezbollah "July War" of 2006 -- Civilians in the Cyber Melee: Operation Cast Lead -- Summary -- Suggested Further Reading -- 5. Limiting Free Speech on the Internet: Cyber Attack Against Internal Dissidents in Iran and Russia -- DDoS as a Censorship Tool: Why Dissident Groups Are Inherently Vulnerable to Cyber Attacks -- Silencing Novaya Gazeta and Other Russian Dissidents -- Iran-How the 2009 Elections Led to Aggressive Cyber Operations -- Summary -- 6. 
Cyber Attacks by Nonstate Hacking Groups: The Case of Anonymous and Its Affiliates -- "Chaotic" Beginnings: The Chaos Computer Club, CCC -- The Roots of the Anon-4chan, 7chan, and Other Message Boards -- How We Are Influenced by 4chan: Memes -- Anonymous-On Image, Structure, and Motivation -- Anonymous-External Connections and Spin Offs -- Your Security Is a Joke: LulzSec -- Anonymous' Modus Operandi -- Targeting Governments, Corporations, and Individuals: Notable Hacks on Anonymous -- Software for the Legion: Anonymous Products -- Summary -- Suggested Further Reading -- II. Cyber Espionage and Exploitation -- 7. Enter the Dragon: Why Cyber Espionage Against Militaries, Dissidents, and Nondefense Corporations Is a Key Component of Chinese Cyber Strategy -- Introduction -- Why Cyber Espionage Is Important to China: A Look at Chinese Cyber Doctrine -- Leveraging Resources Beyond the Military: The Cyber Warriors of China -- Stealing Information from the U.S. Industrial-Military Complex: Titan Rain -- Cyber War Against the Corporate World: A Case Study of Cyber Intrusion Attributed to China -- Monitoring Dissidents: Gh0stNet -- Using Legitimate Web Sites for Data Exfiltration: The Shadow Network -- Cyber War Through Intellectual Property Theft: Operation Aurora -- An Example of the Current State of the Art: Sykipot -- Summary -- Suggested Further Reading -- 8. Duqu, Flame, Gauss, the Next Generation of Cyber Exploitation -- Introduction -- Kernel Mode Rootkits -- Vulnerabilities in the Operating System -- Stolen Keying Material -- Commonalities Between Stuxnet and Duqu -- Information-Stealing Trojans -- The Geography of Duqu -- TDL3 and Other Malware -- Object-Oriented Malware: Stuxnet, Duqu, Flame, and Gauss -- Summary -- Suggested Further Reading -- 9. Losing Trust in Your Friends: Social Network Exploitation -- Introduction -- Do You Really Know All Your LinkedIn Connections? 
Imposters in Social Networks -- Designing Common Knowledge: Influencing a Social Network -- Summary -- Suggested Further Reading -- 10. How Iraqi Insurgents Watched U.S. Predator Video-Information Theft on the Tactical Battlefield -- Introduction -- The Predator UAV -- Hacking the Predator Feed -- Summary -- Suggested Further Reading -- III. Cyber Operations for Infrastructure Attack -- 11. Cyber Warfare Against Industry -- Introduction -- Industrial Control Systems: Critical Infrastructure for Modern Nations -- Information Technology vs. Industrial Control Systems: Why Traditional Infosec Practices May Not Apply -- How Real-World Dependencies Can Magnify an Attack: Infrastructure Attacks and Network Topology -- How a Cyber Attack Led to Water Contamination: The Maroochy Water Breach -- Summary -- Suggested Further Reading -- 12. Can Cyber Warfare Leave a Nation in the Dark? Cyber Attacks Against Electrical Infrastructure -- Introduction -- Cyber Attacks Directed Against Power Grids -- Destroying a Generator with a Cyber Attack: The Aurora Test -- Taking the Power Grid Offline with Minimal Effort: Attacks Leveraging Network Topology -- Summary -- Suggested Further Reading -- 13. Attacking Iranian Nuclear Facilities: Stuxnet -- Introduction -- The Alleged Target: The Natanz Fuel Enrichment Facility -- How Stuxnet Targets Industrial Control Systems -- Stuxnet Successfully Targets the Natanz Fuel Enrichment Plant -- Stuxnet Is a Significant Advancement in Malware -- Stuxnet Invalidates Several Security Assumptions -- Implications for the Future -- Summary -- Suggested Further Reading -- Conclusion and the Future of Cyber-Warfare -- Appendix I. Chapter 6: LulzSec Hacktivities -- Appendix II. Chapter 6: Anonymous Timeline -- Glossary -- Index. |
Abstract |
Cyber Warfare has become a global problem threatening governments, corporations and individuals. This new domain of warfare is inhabited not only by governments such as China, Russia, Iran, and the United States, but also by a variety of other actors including insurgent groups like Hezbollah and Hamas as well as hacking groups such as Anonymous, LulzSec, and others. According to a recent analysis, the global market for Cyber Warfare consulting, product development and protective services will reach a value of $15.9 billion in 2012. This in-depth text on cyber warfare, written by experts on the front lines, explores the cutting edge world of cyber-warfare including the following: Provides a multi-disciplinary approach to Cyber Warfare analyzing the information technology, military, policy, social, and scientific issues that are in play; Presents detailed case studies of cyber-attack including inter-state cyber-conflict (Russia-Estonia), cyber-attack as an element of an information operations strategy (Israel-Hezbollah), cyber-attack as a tool against dissidents within a state (Russia, Iran), cyber-attack conducted by large, powerful, non-state hacking organizations such as Anonymous and LulzSec, and attacks directed against infrastructure including water treatment plants, the power-grid and a detailed account of the Stuxnet worm; Explores acts of cyber-warfare against industry including those against Aramco, Google, and others as well as the state-of-the-art in intelligence-gathering malware platforms including Duqu, Flame, and Gauss as well as how social media such as Facebook and LinkedIn are also leveraged for this purpose. |