Cyber Warfare : Techniques, Tactics and Tools for Security Practitioners.

Format:

Book

Author/Creator:

Andress, Jason.

Contributor:

Winterfeld, Steve.

Language:

English

Subjects (All):

Information warfare--Handbooks, manuals, etc.

Information warfare -- Handbooks, manuals, etc.

Computer networks--Security measures--Handbooks, manuals, etc.

Computer networks -- Security measures -- Handbooks, manuals, etc.

Physical Description:

1 online resource (325 pages)

Edition:

2nd ed.

Place of Publication:

San Diego : Elsevier Science & Technology Books, 2013.

Contents:

Front Cover

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

Copyright

Contents

Acknowledgments

Foreword

Why a Book on Cyber Warfare Is Important

Why Should You Read This Book

References

Introduction

Book Overview and Key Learning Points

Book Audience

How this Book is Organized

Chapter 1: What is Cyber Warfare?

Chapter 2: Cyber Threatscape

Chapter 3: The Cyberspace Battlefield

Chapter 4: Cyber Doctrine

Chapter 5: Cyber Warriors

Chapter 6: Logical Weapons

Chapter 7: Physical Weapons

Chapter 8: Psychological Weapons

Chapter 9: Computer Network Exploitation

Chapter 10: Computer Network Attack

Chapter 11: Computer Network Defense

Chapter 12: Non-State Actors in Computer Network Operations

Chapter 13: Legal System Impacts

Chapter 14: Ethics

Chapter 15: Cyberspace Challenges

Chapter 16: The Future of Cyber War

Appendix: Cyber Timeline

Conclusion

What is Cyber Warfare?

Background

Definition for Cyber Warfare

Tactical and Operational Reasons for Cyber War

Cyber Strategy and Power

Cyber Arms Control

What is the United States Doing about the Threat of a Cyber War?

Have We Seen a Cyber War?

Case Studies

The Debate (is it Real?)

Why Cyber Warfare is Important

Summary

How Did We Get Here?

Attack Methodology with the Tools and Techniques Used to Execute Them

Mapping Sample of Well-known Tools to the Process

Attackers (Major Categories of Threats)

Advanced Persistent Threat

Organized Crime

Insider Threat

Hacktivist

Script Kiddies/Noobs

Defense in Depth-How Organizations Defend Today (Defensive Mountain Range)

What the Threat is After (What We Should Focus on Defending)

References.

Chapter 3: The Cyberspace Battlefield

Boundaries in Cyber Warfare

Defense in Depth

Physical Infrastructure

Organizational View

Where Cyber Fits in the War-Fighting Domains

Land Domain

Sea Domain

Air Domain

Space Domain

Cyber Domain

Combined Arms

Review of the Threat Actors

Most Active Threats

Most Dangerous Threats

Motivations

Fielding Systems at the Speed of Need

Current U.S. Doctrine

U.S. Forces

Joint Doctrine

U.S. Air Force

U.S. Navy

U.S. Army

DoD INFOCONs

Sample Doctrine/Strategy from Around the World

Chinese Doctrine

Other Asian Countries

European Countries

Private or Mercenary Armies

Key Military Principles That Must be Adapted to Cyber Warfare

Intelligence Preparation of the Operational Environment

Joint Munitions Effectiveness Manual

Measures of Effectiveness

Battle Damage Assessment

Close Air Support

Counterinsurgency

Guidance and Directives

Comprehensive National Cybersecurity Initiative

Department of Homeland Security

Homeland Security/Presidential Directives

National Institute of Standards and Technology

Academia and Industry Associations

Operations and Exercises

Federal Exercises

DoD Exercises

Educational Exercises

Sample MESLs

What Does a Cyber Warrior Look Like?

Certifications

Education and Training

Education

Training

Experience and Skills

Differences from Traditional Forces

Age

Attitude

Physical Condition

Credentials

Present Cyber Warfare Forces

U.S.

U.S. Cyber Command

China

Russia

France

Israel

Brazil

Singapore

South Korea

North Korea

Australia

Malaysia

Japan

Canada

United Kingdom.

Other Countries with Cyber Forces

Corporate

Criminal

Staffing for Cyber War

Sources of Talent

Training the Next Generation

The Training Paradigm

Teaching the Needed Skills

Issues in Training for Cyber Warfare

Reconnaissance Tools

General Information Gathering

Websites and Web Servers

Search Engines

Google Hacking

The Deep Web

Whois

DNS

Metadata

Metagoofil

Exiftool

Strings

Maltego

Defense

Scanning Tools

Nmap

Nessus

Access and Escalation Tools

Password Tools

The Metasploit Project

The Metasploit Framework

Metasploit Express and Metasploit Pro

Immunity CANVAS

Exfiltration Tools

Physical Exfiltration

Encryption and Steganography

Using Common Protocols

Out of Band Methods

Sustainment Tools

Adding ``Authorized´´ Access

Backdoors

Assault Tools

Meddling with Software

System Resources

System Environment

Attacking Hardware

Obfuscation Tools

Location Obscuration

Log Manipulation

File Manipulation

How the Logical and Physical Realms Are Connected

Logical Systems Run on Physical Hardware

Logical Attacks can have Physical Effects

Infrastructure Concerns

What is SCADA?

What Security Issues are Present in the World of SCADA?

What are the Consequences of SCADA Failures?

Supply Chain Concerns

Compromised Hardware

Deliberately Corrupted Components

Nontechnical Issues

Tools for Physical Attack and Defense

Electromagnetic Attacks

Electromagnetic Pulse Weapons

Jamming

Defense Against Conventional Attacks

Redundant Infrastructure

Facility and Equipment Hardening

Covert Activity.

Eavesdropping on Electromagnetic Emissions

Vandalism/Denial of Service

Attacking Physical Access Controls

Tailgating

Locks

Defending Against Covert Attacks

Social Engineering Explained

Is SE Science?

SE TTPs

General Access Attacks

Specific Targeted Access Attacks

Types of SE Approaches

Types of SE Methodologies

How the Military Approaches SE

Army Doctrine

How the Military Defends Against SE

How the Army Does CI

An Air Force Approach

Intelligence and Counter-Intelligence

Sources of Cyber Attacks

Attackers and Sponsors of Attacks

Reconnaissance

Open Source Intelligence

Passive Reconnaissance

Surveillance

Justifications for Surveillance

Voice Surveillance

Data Surveillance

Large-Scale Surveillance Programs

Uses of Surveillance Data

Waging War in the Cyber Era

Physically

Electronically

Logically

Reactively Versus Proactively

Time as a Factor

The Attack Process

Recon

Scan

Access

Escalate

Exfiltrate

Assault

Sustain

Obfuscate

What We Protect

Confidentiality, Integrity, Availability

Integrity

Availability

Authenticate, Authorize, and Audit

Security Awareness and Training

Awareness

Defending Against Cyber Attacks

Policy and Compliance

Surveillance, Data Mining, and Pattern Matching

Intrusion Detection and Prevention

Vulnerability Assessment and Penetration Testing

Disaster Recovery Planning

Chapter 12: Non-State Actors in Computer Network Operations.

Individual Actors

Script Kiddies

Malware Authors

Scammers

Blackhats

Hacktivists

Patriotic Hackers

Corporations

Motivation for Corporations to Act in Cyber Warfare

Cyber Terrorism

Reasons for Cyber Terrorist Attacks

What will Happen When we see a Cyber Terrorist Attack?

Organized Cyber Crime

Motivations for Criminal Organizations

Autonomous Actors

Exploratory Systems

Attack Systems

Defensive Systems

Unresolved Questions

Legal Systems

International

Maritime Law

Space Law

United States Laws

Criminal Law

Electronic Discovery

Key U.S. Laws

International Trafficking in Arms Regulations

U.S. Cyber Related Laws

Computer Fraud and Abuse Act

Cyber Security Enhancement Act

Federal Information Security Management Act

Standards to Support Cybersecurity

Privacy Impacts

Electronic Communications Privacy Act

Digital Forensics

Certification

Ethics in Cyber Warfare

Use of Force

Intent

Attribution

Military Laws Based on Ethical Systems

Law of Armed Conflict

Bellum Iustum (Just War Theory)

Jus ad Bellum (The Right to Wage War)

Right Authority

Right Intention

Probability of Success

Last Resort

Proportionality

Jus in Bello (Proper Conduct in War)

Distinction

Noncombatants

Collateral Damage

Limiting Attacks

Jus Post Bellum (Justice After War)

Seek a Lasting Peace

Hold Morally Culpable Individuals Accountable

Extract Reparations

Cybersecurity Issues Defined

Policy

Processes

Technical

Skills

People

Organization

Core (Impacting all Areas)

Interrelationship of Cybersecurity Challenges.

Way Ahead.

Notes:

Description based on publisher supplied metadata and other sources.

Other Format:

Print version: Andress, Jason Cyber Warfare

ISBN:

9780124166332

OCLC:

862048796