Authors: Paulo Shakarian, Jana Shakarian, Andrew Ruef
If you’re looking to learn about cyber warfare, but don’t know where to start, you might prefer picking up a book instead of searching for information dispersed on the Internet. Read on to see if this is the right one for you.
About the authors
Paulo Shakarian, Ph.D. is a Major in the U.S. Army and an Assistant Professor of Computer Science at West Point, teaching classes on computer science and information technology.
Jana Shakarian is a Research Fellow at the West Point Network Science Center conducting sociological research in support of various DoD-sponsored projects.
Andrew Ruef is a Senior Systems Engineer at the firm Trail of Bits (New York, NY) where he conducts information security analysis.
Inside the book
Only a person wholly out of the news loop could fail to notice that the topics of cyber espionage, sabotage and cyber conflict have almost moved in the daily conversation. The recent PRISM scandal is only the last of a rather long string of news unearthing this new reality.
In a short introduction, the authors have managed to effectively describe a number of occurrences that present different facets of cyber warfare. As the book continues, the authors’ military background becomes even more obvious, as they present case studies (“past battles”) and show us things that can be learned from them.
Naturally, they started with a chapter defining the idea of cyber war, and the issues of attribution, deception, and intelligence.
The first part of the book deals with cyber attacks: Russian hackers’ packet flooding of Estonian computer systems in 2007; the 2008 Russian cyber campaign against Georgia, and how the attack was coordinated with that of conventional, real-world army forces; the Israel-Hezbollah “July War” of 2006, cyber attacks against media and dissidents, and non-state sponsored attacks such as the ones perpetrated by Anonymous and affiliated groups.
The second one addresses cyber espionage and exploitation, especially the various aspects of Chinese cyber strategy, the various spying tools / malware such as Duqu and Flame that is considered to have been developed by hackers working for a nation-state, espionage via social networking, and information theft during real-world conflicts.
Finally, the third one deals with cyber sabotage – attacks against critical national infrastructure and industrial facilities.
The too-short conclusion gives a few theories about the future of cyber warfare, and the book ends with a two extremely comprehensive timelines of Anonymous and LulzSec attacks (date, scope, reasons).
This book will give you a good base on the topic of cyber warfare and its different aspects. Despite its length, it tackles many incidents, so the authors have understandably not gone extremely in-depth. If you are interested in knowing more about each of the touched upon issues and incidents, they have provided many, many references and have offered a number of additional sources.
The military-style approach to the subject turned out to be perfect – the book is a balanced blend of history and technical details that makes it very easy to read. The only thing that I wished for while reading it was that some of the authors were foreigners (i.e. non-US citizens), so that I could enjoy their takes on the subject.