"Inside Cyber Warfare", Jeffrey Carr, 2010, 978-0-596-80215-8,
%A Jeffrey Carr greylogic.us
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%G 978-0-596-80215-8 0-596-80215-3
%I O'Reilly & Associates, Inc.
%O U$39.99/C$49.99 800-998-9938 fax: 707-829-0104 email@example.com
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O Audience n Tech 1 Writing 2 (see revfaq.htm for explanation)
%P 212 p.
%T "Inside Cyber Warfare: Mapping the Cyber Underworld"
The preface states that this text is an attempt to cover the very
broad topic of cyber warfare with enough depth to be interesting
without being technically challenging for the reader.
Chapter one provides examples of cyber attacks (mostly DDoS
[Distributed Denial of Service]), and speculations about future
offensives. More detailed stories are given in chapter two, although
the reason for the title of "Rise of the Non-State Hacker" isn't
really clear. The legal status of cyber warfare, in chapter three,
deals primarily with disagreements about military treaties. A guest
chapter (four) gives a solid argument for the use of "active defence"
(striking back at an attacker) in cyber attacks perceived to be acts
of war, based on international law in regard to warfare. The author
of the book is the founder of Project Grey Goose, and chapter five
talks briefly about some of the events PGG investigated, using them to
illustrate aspects of the intelligence component of cyber warfare (and
noting some policy weaknesses, such as the difficulties of obtaining
the services of US citizens of foreign birth). The social Web is
examined in chapter six, noting relative usage in Russia, China, and
the middle east, along with use and misuse by military personnel.
(The Croll social engineering attack, and Russian scripted attack
tools, are also detailed.) Ownership links, and domain registrations,
are examined in chapter seven, although in a restricted scope. Some
structures of systems supporting organized crime online are noted in
chapter eight. Chapter nine provides a limited look at the sources of
information used to determine who might be behind an attack. A grab
bag of aspects of malware and social networks is compiled to form
chapter ten. Chapter eleven lists position papers on the use of cyber
warfare from various military services. Chapter twelve is another
guest article, looking at options for early warning systems to detect
a cyber attack. A host of guest opinions on cyber warfare are
presented in chapter thirteen.
Carr is obviously, and probably legitimately, concerned that he not
disclose information of a sensitive nature that is detrimental to the
operations of the people with whom he works. (Somewhat ironically, I
reviewed this work while the Wikileaks furor over diplomatic cables
was being discussed.) However, he appears to have gone too far. The
result is uninteresting for anyone who has any background in
cybercrime or related areas. Those who have little to no exposure to
security discussions on this scale may find it surprising, but
professionals will have little to learn, here.
copyright, Robert M. Slade 2010 BKCYWRFR.RVW 20101204
====================== firstname.lastname@example.org email@example.com firstname.lastname@example.org
"Dictionary of Information Security," Syngress 1597491152 http://blogs.securiteam.com/index.ph...ves/author/p1/ http://twitter.com/rslade
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
Book reviews: [Base URL]mnbk.htm
Review mailing list: send mail to email@example.com