Book Review: Cyber Warfare

raceBannon writes "The authors, Steve Winterfield and Jason Andress, cover everything you will want to consider when thinking about how to use cyberspace to conduct warfare operations. The primary concepts have been bouncing around US military circles for over a decade but they have never been collected into one tome before. Clarke and Knake's book, Cyber War: The Next Threat to National Security and What to Do about It, discusses how weak the US network defenses are and offers suggestions about how to improve. Carr's book, Inside CyberWarfare: Mapping the Cyber Underworld, presents threat examples and nation state capabilities. Libicki's book, Cyberdeterrence and Cyberwar, attacks cyberwar from a policy viewpoint and does not really address operational considerations. Stiennon's book, Surviving Cyberwar, is a good place to start if you are new to the subject and is almost a prerequisite for this book." Read on for the rest of raceBannon's review.

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners
author	Jason Andress and Steve Winterfield
pages	289
publisher	Syngress
rating	10
reviewer	raceBannon
ISBN	1597496375
summary	A consolidation of the current thinking around the topic of cyber warfare.

Although the content has been around for a while, it is striking how little the main concepts have changed. In a world where new innovations completely alter the popular culture every eighteen months, the idea that Cyber Warfare's operational principals remain static year after year is counter-intuitive. After reading through the various issues within though, you begin to understand the glacial pace. These difficult concepts spawn intractable problems and the authors do a good job of explaining them.

I do have a slight issue with the subtitle though: "Techniques, Tactics and Tools for the Security Practitioners." The way I read this book, the general purpose (GP) Security Practitioner will not find this book very useful except as background information. Aside from the chapters on Logical Weapons, Social Networking and Computer Network Defense, most of the material has to do with how a nation state, mostly the US, prepares to fight in cyber space. There is overlap for the GP security practitioner, but this material is covered in more detail in other books.

The book is illustrated. Some of the graphics are right out of military manuals and have that PowerPoint Ranger look about them. Some are screenshots of the various tools presented. Others are pictures of different equipment. One graphic stood out for me in the Cyberspace Challenges chapter (14). The graphic in question is a neat Venn Diagram that encapsulates all of the Cyber Warfare issues mentioned in the book, categorizes the complexity of each issue and shows where they overlap in terms of Policy, Processes, Organization, Tech, People and Skills. My only ding on the diagram is that in the same chapter, the authors discuss how much each issue might cost to overcome. It would have been very easy to represent that information on the Venn diagram and make it more complete.

One last observation about the graphics that I really liked is the author's use of "Tip" and "Note" boxes throughout the book. Scattered throughout the chapters are grayed-out text boxes that talk about some technology or procedure that is related to the chapter information but not directly. For example, in the Social Engineering chapter (7), the authors placed a "Note" describing the various Phishing forms. You do not need the information to understand the chapter but having it nearby provides the reader with a nice example to solidify the main arguments. The book is full of these examples.

The first three chapters are my favorites. Winterfield and Andress do agood job of wrapping their heads around such entangled concepts as the definition of cyber warfare, the look of a cyber battle space and an international view of current doctrine It is fascinating.

In the middle of the book, the authors take on the task of describing the Computer Network Operations (CNO) Spectrum; a spectrum that ranges from the very passive form of Computer Network Defense (CND) through the more active forms of Computer Network Exploitation (CNE) and Computer Network Attack (CNA). It is indeed a spectrum too because the delineation between where CND, CNE and CNA start and stop is not always clean and precise. There is overlap. And somewhere along that same spectrum is where law enforcement organizations and counter-intelligence groups operate. You can get lost fairly quickly without a guide and the authors provide that function admirably. The only thing missing from these chapters is a nice diagram that encapsulates the concept.

Along the way the reader gets a nice primer on the legal issues surrounding Cyber Warfare, the ethics that apply, what it takes to be a cyber warrior and a small glimpse over the horizon about what the future of Cyber Warfare might bring. In the end, Winterfield and Andress get high marksfor encapsulating this complex material into an easy-to-understand manual; a foundational document that most military cyber warriors should have at their fingertips and a book that should reside on the shelf of anybody interested in the topic.

Full Disclosure: One of the authors, Steve Winterfield, used to work for me when he and I were both in the US Army wrestling with all of these ideas right after 9/11. I ran the Army Computer Emergency Response Team (ACERT) and Steve ran the Army's Southern Regional CERT (RCERT South). He and I have been friends ever since and he even quoted me in one of the back chapters.

You can purchase Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Support our (cyber) troops!

[Dr.Bob,DC]

If we are to start looking seriously at cyber warfare, we need first commit all the resources our fighting men and women will need to ensure they are comfortable and without ergonomic issues.

We can't do this half-baked and fly "MISSION ACCOMPLISHED" flags when we stop a defacement of a government web page. You can be sure that China and Russia (the two countries who always seem to be behind internet attacks) won't have decent equipment for their cyber warriors: 10 year old PCs, fake MAC computers, Blackberry clones, lousy seating and ergonomics, etc. Their people operate in squalor and fly-by-night conditions.

Conversely, we could have all of our cyber fighters equiped with the best gear: Large, high contrast monitors (low EMR is best). Low light (incadecent) rooms with indirect lighting. Ergonomic keyboards, mice and other input devices. Air conditioning. Pro Shiatsu massage chairs. Drink holders at the proper level. You get the idea.

These people will be sitting in these chairs for hours at a stretch. Not the best thing for your nervous system health, but they are protecting the common good of America and her allies.

Our adversaries will be sitting in their sweatshacks cursing ever minute of their work as their muscles ache and subluxations fester: we can win these things by attrition with the proper preparations. If our young cyber warriors are sacrificing their old age health, the least we can do is give them the absolute best equipment to work with.

Bob

Re:

[Moryath]

Dr. Bob, the orderlies are coming, please relax until they arrive. How did you slip the straightjacket this time?

Re:

[Lanteran]

You have won one internet.

Maping?

[oerlikon]

"Maping the Cyber Underworld"? Is that akin to raping the Cyber Underworld?

First Rule Of Cyberwarefare

[Ukab the Great]

The enemy who penetrates your most secure network is to be cautiously respected. The ally who puts the server admin username and password on a sticky note affixed to his cubicle should be both feared and immediately neutralized.

Re:

[Jeng]

Has there ever been a /. book review that was not suspect?

Is there a setting to have the book reviews hidden? I've looked but haven't found it yet.

Re:

[Lunix Nutcase]

That's not even the worst of this "review" that is chock full of typos, grammar errors and is almost entirely devoid of any actual content. It reads even worse than a book report written by a 4 year old.

Any successes?

[vlm]

1) Do any books in this genre, or this book itself, discuss real world case studies of either success or failure of the giant bureaucracies they propose? Not just a list of unaddressed threats or "wouldn't it be cool if ..."

2) I envision that a giant bureaucracy large enough to support the traditional book publishing flow, etc, is going to be way too slow to keep up with an individual 2600 reader. How to measure and handle the lag? Does the book discuss that?

Re:

[raceBannon]

Well- this book is not a case study book. it is more about policy. I am not aware of any book that outlines Cyber Warfare case studies. I think most of that would be classified. The Giant Bureaucracy you are talking about is the new Cyber Command.

It's not Cyber "Warfare" ..it's Cyber-Espionnage

[AftanGustur]

Whatt we are seeing isn't Cyber Warfare, if it really exists, no one has seen a full blown "Cyber Warfare" and can only imagine how much information the adversary will have on "E-Day"

What we are however seeing is "Cyber Espionnage", and believe me, this is a real problem, adversaries are stealing information on a political level that can be used to leverage international negotiations and gain control over national resources (Just check what the Chinese are doing in Africa).

The Chinese "Cyber Army" reall

Re:

[Anonymous Coward]

Granted Stuxnet wasn't full blown cyber warfare, but it certainly gives you an idea of what to expect when/if it happens.

Re:

[_Sprocket_]

It's just espionage with new tools. Look at 1982 Siberian Pipeline incident. No Internet required. We already have some history to work with and extrapolate from.

Re:

[iiiears]

Daddy Warbucks wants a new contract hires a private investigator, bids low wins, and isn't too concerned about cost over runs.
Journalism student Talks to a electronics worker at a bar and finds waste and cost cutting that jeopardizes Wunder device. His credit report is filled with errors and pictures are taken from his home computer and posted.
Sen. Family Values invites a friend to a weekend retreat. The wife doesn't know it yet. Would anything change his vote?
V

Re:

[raceBannon]

No - there is a difference between Cyber Espionage and Cyber Warfare. This book is about Cyber Warfare and the policies surrounding that activity. No nation has declared cyber war on another but, you can bet that many nations are experimenting with how to use cyberspace to conduct warfare operations. The Stuxnet story demonstrates that it is possible to use a cyber vector alone to destroy critical infrastructure. You can bet that many nations have noted that and are figuring out how to leverage that informa

The new excuse for a larger military, more $

[rlglende]

US military is very excellent at dealing with traditional armed forces.

It is poor at dealing with a rapidly-evolving tactical situation with non-traditional means of making war, e.g. Afghanistan. Didn't even do too well in Iraq, at least measured by the ratio of deaths of innocents to deaths of combatants.

Cyber-war, whatever that is, is in the 'extremely rapidly evolving' category. Government, in general, can't handle those : they are inside a bureaucracies decision loop, to use Boyd's terms.