Cyberwarfare: Information Operations in a Connected World, 2nd Edition

Order Tramadol From Uk Cover Title Page Copyright Page Contents Dedication Page Preface Acknowledgments About the Authors Chapter 1 Information as a Military Asset What Is Cyberwarfare? Likelihood of Cyberwar The Evolving Nature of War The Role of Information in Armed Conflict Ancient Warfare World Wars Cold War Iraq War and Weapons of Mass Destruction Domains of Warfare Exploring the Cyber Domain Offensive Information Operations Defensive Information Operations Information Operations Techniques Computer Network Attack Computer Network Defense Intelligence Gathering Electronic Warfare Psychological Operations Military Deception Operations Security Identification of Critical Information Threat Analysis Vulnerability Analysis Risk Assessment Countermeasure Implementation Chapter Summary Key Concepts and Terms Chapter 1 Assessment Chapter 2 Targets and Combatants Traditional Military Targets Military Targets in Conventional Warfare Acceptable Targets, Treaties, and International Law Cyber Targets in Unconventional Warfare Targets in Asymmetric Cyberwarfare Total Cyberwarfare Cyberwarfare Targets Cyberwarfare Against Traditional Military Targets Iran Versus U.S. Drones Flame: Replacing Spies with Software The First U.S. Cyberwar Strike: Serbia and Kosovo Nontraditional Cyberwarfare Targets Political Activism and Hacktivism Industrial Espionage Military Cyberattacks on Nontraditional Targets Targets of Information Operations Combatants in Cyberwarfare Military Forces U.S. Cyber Command Guerrilla Cyberwarriors and Insurrectionists Individuals and Small Groups The Jester Comparing Traditional Warfare, Guerrilla Warfare, and Cyberwarfare How Cyberattack Differs from Traditional War The Element of Surprise Deniability Chapter Summary Key Concepts and Terms Chapter 2 Assessment Chapter 3 Cyberwarfare, Law, and Ethics Kinetic Warfare International Law and Kinetic Warfare Legal Review and Legality of Actions Cyberwarfare Law Cyberwarfare in a Kinetic Warfare Context Kinetic Warfare Law in a Cyber Context The Tallinn Manual Sovereignty, Jurisdiction, and Control Sovereignty Jurisdiction Control Responsibility Mercenaries The Use of Force Measuring Force Threats of Force Self-Defense International Governmental Organizations Civilians and Infrastructure Civilians and Military Use of the Internet Prohibited Targets: Children, Journalists, Medical and Religious Personnel, and Nature The Conduct of Attacks and Indiscriminate Means Espionage, Treachery, and Ruses Neutrality Ethics and Cyberwarfare Chapter Summary Key Concepts and Terms Chapter 3 Assessment Chapter 4 Intelligence Operations in a Connected World Intelligence Operations The Intelligence Cycle Planning and Direction Collection Processing and Exploitation Analysis and Production Dissemination Intelligence Disciplines Human Intelligence (HUMINT) Signals Intelligence (SIGINT) Open Source Intelligence (OSINT) Geospatial Intelligence (GEOINT) Measurement and Signature Intelligence (MASINT) Intelligence Support to Cyberwarfare Supporting Offensive Cyberwarfare Supporting Defensive Cyberwarfare Case Studies: Media Reporting on Intelligence Activities Echelon Telephone Metadata Data Center Eavesdropping Follow the Money Quantum Chapter Summary Key Concepts and Terms Chapter 4 Assessment Chapter 5 The Evolving Threat: From Script Kiddies to Advanced Attackers The Changing Threat Model Historical Hacking Modern Hacking Opportunistic Attacks Semi-Targeted Attacks Inside the Advanced Persistent Threat Characteristics of the APT APT Motivations Military/Political Cybercrime and Corporate Espionage Activism APT Tradecraft Zero-Day Attacks Malware Social Engineering and Phishing Strategic Web Compromises The Cyber Kill Chain® Reconnaissance Weaponize Deliver Exploit Install Command and Control Act on Objectives Chapter Summary Key Concepts and Terms Chapter 5 Assessment Chapter 6 Social Engineering and Cyberwarfare Humans: The Weak Link Social Engineering Influence as a Weapon Reciprocity Commitment and Consistency Social Proof Authority Liking Scarcity Tools of the Social Engineer Pretexting Phishing Baiting Defending Against Social Engineering Security Awareness and Education Incident Reporting and Response Content Filtering Penetration Testing Robin Sage: A Case Study in Social Engineering Chapter Summary Key Concepts and Terms Chapter 6 Assessment Chapter 7 Weaponizing Cyberspace: A History Early Attacks: The 1990s Solar Sunrise Moonlight Maze Honker Union The 2000s: The Worm Turns Code Red SQL Slammer Titan Rain Stakkato Poison Ivy Senior Suter Stuxnet and the 21st Century Stuxnet Operation Aurora Duqu Flame FOXACID Careto Russia’s Ukraine Campaign USCYBERCOM Action Against Russia Chapter Summary Key Concepts and Terms Chapter 7 Assessment Chapter 8 Nonstate Actors in Cyberwar Understanding Nonstate Actors Nongovernmental Organizations Organized Crime Corporations Terrorists and Activists Individuals and the Media The Roles of Nonstate Actors in Cyberwar Targets Participants Critics NGOs in Cyberwar Aid Groups Diplomatic Organizations Religious Organizations Organized Crime Corporations Industrial Espionage Cooperation with Intelligence Agencies Terrorists and Activists Estonia Syrian Electronic Army Anonymous Individuals and the Media Individual Motivations Hackers Chapter Summary Key Concepts and Terms Chapter 8 Assessment Chapter 9 Defense-in-Depth Strategies Defense in Depth Defense-in-Depth Strategies The NSA People, Technology, and Operations Defense Strategy People Technology Operations The 20 CIS Controls The Department of Homeland Security and Defense in Depth Computer Network Defense and Defense in Depth Where and Why Defense in Depth Fails Neglecting Layers: Getting Past the Shell System Administrators: Trusted Attackers Attacking the User: Human Factors Changes in Technology Designing a Modern CND Strategy Dynamic Defense CND and Defense-in-Depth Design Risk and Threats Secure Networks Network Enclaves and Properties Monitoring Cryptography Defense Against Malware Endpoint Security Design Physical Security Chapter Summary Key Concepts and Terms Chapter 9 Assessment Chapter 10 Cryptography and Cyberwar An Introduction to Cryptography Cryptographic Concepts Ciphers and Encryption Key Encryption Terms Symmetric Ciphers Enigma: Using and Breaking Wartime Symmetric Encryption Asymmetric Ciphers Modern Cryptosystems Data Encryption Standard Triple DES Advanced Encryption Standard RSA Hashing and Message Digests Cryptography in Cyberwar Computer Network Defense and Cryptographic Systems Computer Network Attack and Cryptographic Systems Attacking Cryptography Brute Force Acquiring the Keys Attacking the Algorithm NSA and RSA Defeating Attacks on Cryptographic Systems Defenses Defense in Depth Using Cryptographic Systems Weaponizing Cryptography Defensive Cryptography: Malware Encryption Offensive Cryptography Zeus Cryptolocker and Other Ransomware Malware The Future of Cryptography in Cyberwar Attacks Defenses Chapter Summary Key Concepts and Terms Chapter 10 Assessment Chapter 11 Defending Endpoints Cyberwarfare Endpoints Types of Endpoints Computers Mobile Devices Industrial Control Systems Supervisory Control and Data Acquisition Systems Distributed Control Systems Programmable Logic Controllers Military Systems Drones and Remote Platforms Weapons Systems Command and Control Embedded Systems Attacking Endpoints Protecting Endpoints U.S. Department of Defense Strategy Zero Trust and Endpoint Security Physical Security Policy Procedures Configuration Standards Central Management Configuration Management Patches and Updates Awareness Information Sharing Anti-Malware and Antivirus Network Protection Encryption Allow Listing and Deny Listing Allow listing Deny or Block listing Testing Chapter Summary Key Concepts and Terms Chapter 11 Assessment Chapter 12 Defending Networks Network Defense in Depth Identify, Protect, Detect, Respond, and Recover in the Context of Network Defense Mission Assurance Surviving Attacks Network Operational Procedures Network Security Design Classification Network Defense Technologies Zero Trust Protocols Border Gateway Protocol Transport Layer Security IPsec Network Access Control Network Firewalls Routers and Switches Network Security Boundaries Virtual LANs Intrusion Detection and Prevention Systems Security Information and Event Management Systems Physical Network Protection Wireless Network Security Remote Access and Administration Active Defense Honeypots, Honeynets, and Darknets Active Response Chapter Summary Key Concepts and Terms Chapter 12 Assessment Chapter 13 Defending Data Data Classification Data Loss and Prevention Data Spills Data Loss Prevention Encryption and Data Loss Data Integrity and Availability Integrity Availability Backups Redundancy Data Retention and Disposal Data Life Cycle Management Data Labeling Drives and Media Management Data Loss Response Chapter Summary Key Concepts and Terms Chapter 13 Assessment Chapter 14 Cyberwarfare and Military Doctrine Military Doctrine Principles of War Forms of Warfare Levels of Warfare Cyberattack Strikes the Air Force Organizing for Cyber Operations U.S. Strategic Command (USSTRATCOM) U.S. Cyber Command (USCYBERCOM) Five Pillars of Cyberwarfare Chapter Summary Key Concepts and Terms Chapter 14 Assessment Chapter 15 Pandora’s Box: The Future of Cyberwarfare The Future of Cyberwar Blurred Boundaries: Cyberwar and Nonstate Actors Advanced Persistent Threats Continuous Warfare Integrating Cyberwar and Kinetic Warfare Alliances and Partnerships International Law and Cyberwarfare Networks Everywhere: Cyberwar in a Highly Connected World Cyberwar and Infrastructure Advanced Tools and Training The Future of Defensive Cyberwar Chapter Summary Key Concepts and Terms Chapter 15 Assessment Appendix A: Answer Key Appendix B: Standard Acronyms Glossary of Key Terms References Index