Book Review: Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr, O'Reilly 2010
If you think you have a good handle on how big a problem hacking has become for the world at large, think again. Inside Cyber Warfare is going to change your view completely. If you think it's just bored teenagers and introverted misfits that are attacking systems, you're dangerously out of touch. It's organized crime and the political underground. It's hackers hired or condoned by corrupt bureaucracies. And they're out to steal money and industrial secrets, fight battles over public opinion, destroy the effectiveness of enemy groups and break critical infrastructure.
"Cyber warfare" refers to any massively coordinated digital assault whether conducted by one government upon another or by some political or criminal group. The effects can be limited or widespread. Imagine cyber attacks that could shut down nuclear power plants or communications. Imagine banks and hospitals paralyzed by malware infestations. Cyber warfare goes well beyond embarrassing web site defacement.
Reading this book, you will not only get an idea of the scope of the problem, you will find yourself pondering some extremely timely and intricately complicated issues -- such as the conditions under which cyber attacks should be seen and treated as acts of war. You'll differentiate between state (perpetrated by government resources) and non-state (perpetrated by citizens) attackers. Questions like "Should host states that refuse to cooperate with victim states (i.e., sanctuary states) be held responsible for those attacks?" will nag you. You'll see how countries are trying to determine where to place cyber attacks on the attack "grid" and determine what kind of response is both reasonable and fair. The fact that the US and Russia offer different responses to this question is neither surprising nor comforting.
You'll read about a handful of attacks that illustrate what various groups are and have been doing. Estonia, for example, was the subject of an attack in 2006 after the Estonian government decided to move a Soviet-era monument to another location, upsetting the country's ethnic Russian citizens. You'll read about Russian and Chinese hackers and how they're encouraged. You'll be introduced to the concept of "active defense" (but without enough detail to determine the forms that this might take) and "trace programs" (but without addressing the complexity and reliability of trace programs).
You'll read about how social web sites are being mined, how China is committed to penetrating networks of more technologically advanced nations and how attacks often originate from systems in the US. You'll ponder questions like "What does weaponizing malware really mean?" You'll start seeing the connections between a DoS (denial of service) attack against Twitter and an attack on the Brazilian power grid.
You'll start worrying about all those pirated and unpatched Windows installations in Africa and start asking yourself what kind of botnet attacks could be initiated from them.
Chapter 4 by Matthew Sklerov was particularly stimulating. It delves into various models of unconventional attack and the criteria for determining whether an attack should be viewed as an "armed attack" -- severity, immediacy, directness, invasiveness, measurability and presumptive legitimacy.
"Inside Cyber Warfare" is no easy read. It's both intense and probing. It gives the reader a grasp of the enormity of the threat and the complexity of the problem posed by organized and motivated hackers. You'll close this book with enough insight to make you see the outline of the problem like a huge shadow hovering over the Internet. This absolutely fascinating book will make good security all the more meaningful and important.
I left this book both fascinated and scared. This is not your grandfather's Internet.