CyberWar

Si Vis Pacem, Para Bellum

By

The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability – CRS Report

The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability - CRS ReportIn September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Through the use of thumb drives in computers that were not connected to the Internet, a malicious software program known as Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. Although early reports focused on the impact on facilities in Iran, researchers discovered that the program had spread throughout multiple countries worldwide.

From the perspective of many national security and technology observers, the emergence of the Stuxnet worm is the type of risk that threatens to cause harm to many activities deemed critical to the basic functioning of modern society. The Stuxnet worm covertly attempts to identify and exploit equipment that controls a nation’s critical infrastructure. A successful attack by a software application such as the Stuxnet worm could result in manipulation of control system code to the point of inoperability or long-term damage. Should such an incident occur, recovery from the damage to the computer systems programmed to monitor and manage a facility and the physical equipment producing goods or services could be significantly delayed. Depending on the severity of the attack, the interconnected nature of the affected critical infrastructure facilities, and government preparation and response plans, entities and individuals relying on these facilities could be without life sustaining or comforting services for a long period of time. The resulting damage to the nation’s critical infrastructure could threaten many aspects of life, including the government’s ability to safeguard national security interests.

Iranian officials have claimed that Stuxnet caused only minor damage to its nuclear program, yet the potential impact of this type of malicious software could be far-reaching. The discovery of the Stuxnet worm has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented. Congress may also consider the government’s role in protecting critical infrastructure and whether new authorities may be required for oversight.

Price: $0.99

Click here to buy from Amazon

By

National Defense Strategy – United States of America

National Defense Strategy - United States of AmericaThe United States, our allies, and our partners face a spectrum of challenges, including violent transnational extremist networks, hostile states armed with weapons of mass destruction, rising regional powers, emerging space and cyber threats, natural and pandemic disasters, and a growing competition for resources. The Department of Defense must respond to these challenges while anticipating and preparing for those of tomorrow. We must balance strategic risk across our responses, making the best use of the tools at hand within the U.S. Government and among our international partners. To succeed, we must harness and integrate all aspects of national power and work closely with a wide range of allies, friends and partners. We cannot prevail if we act alone.

As noted in the 2006 QDR, state actors no longer have a monopoly over the catastrophic use of violence. Small groups or individuals can harness chemical, biological, or even crude radiological or nuclear devices to cause extensive damage and harm. Similarly, they can attack vulnerable points in cyberspace and disrupt commerce and daily life in the United States, causing economic damage, compromising sensitive information and materials, and interrupting critical services such as power and information networks. National security and domestic resources may be at risk, and the Department must help respond to protect lives and national assets. The Department will continue to be both bulwark and active protector in these areas. Yet, in the long run the Department of Defense is neither the best source of resources and capabilities nor the appropriate authority to shoulder these tasks. The comparative advantage, and applicable authorities, for action reside elsewhere in the U.S. Government, at other levels of government, in the private sector, and with partner nations. DoD should expect and plan to play a key supporting role in an interagency effort to combat these threats, and to help develop new capacities and capabilities, while protecting its own vulnerabilities.

In the contemporary strategic environment, the challenge is one of deterring or dissuading a range of potential adversaries from taking a variety of actions against the U.S. and our allies and interests. These adversaries could be states or non-state actors; they could use nuclear, conventional, or unconventional weapons; and they could exploit terrorism, electronic, cyber and other forms of warfare. Economic interdependence and the growth of global communications further complicate the situation. Not only do they blur the types of threats, they also exacerbate sensitivity to the effects of attacks and in some cases make it more difficult to attribute or trace them. Finally, the number of potential adversaries, the breadth of their capabilities, and the need to design approaches to deterrence for each, create new challenges.

An underlying assumption in our understanding of the strategic environment is that the predominant near-term challenges to the United States will come from state and non-state actors using irregular and catastrophic capabilities. Although our advanced space and cyber-space assets give us unparalleled advantages on the traditional battlefield, they also entail vulnerabilities.

China is developing technologies to disrupt our traditional advantages. Examples include development of anti-satellite capabilities and cyber warfare. Other actors, particularly non-state actors, are developing asymmetric tactics, techniques, and procedures that seek to avoid situations where our advantages come into play.

Download National Defense Strategy – United States of America

By

Reverse Deception Organized Cyber Threat Counter-Exploitation

Reverse Deception Organized Cyber Threat Counter-ExploitationA complete guide to understanding and fighting advanced persistent threats—today’s most destructive risk to enterprise security

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today’s well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.

Reverse Deception: Organized Cyber Threat Counter-Exploitation features:

  • Full coverage of the #1 feared type of network attack today, the APT
  • Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
  • Enthralling case studies and true stories from the authors’ FBI, DOD, NSA, and private sector work
  • Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
  • Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
  • Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
  • A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
  • Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations

Coverage includes:
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics

Price: $40.00

Click here to buy from Amazon

 

By

Cyber Commander’s Handbook

Cyber Commander's HandbookThe global reliance on computers, networks and systems continues to grow. As our dependency grows so do the threats that target our military s Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance (C4ISR) systems as well as the operational components and electronic controls for our critical infrastructure. Over the past decade we have experienced a substantial rise in the complexity and sophistication of cyber attacks as well as a frightening increase in the impact of some of the attacks. Every computer is a potential cyber weapon waiting to be loaded and used by extremists, criminals, terrorists and rogue nation states. As the world becomes more and more dependent on computers and information technology, the greater the risk of cyber attacks. Government and military leaders now face this fact and our critical systems and infrastructure remain at great risk! This risk has made the ability to defend these critical systems and direct cyber attacks core capabilities required for the modern military. In the age of cyber conflict, leaders need to understand the weapons and strategies used to wage this rapidly evolving type of warfare. This handbook will provide the background needed to understand the new world of cyber warfare, define the tools and techniques for offensive and defensive action, and provide insight into the strategies behind building a dynamic and relevant cyber warfare capability.

Price: $29.95

By

The Third Industrial Revolution: How Lateral Power Is Transforming Energy, the Economy, and the World

The Third Industrial Revolution: How Lateral Power Is Transforming Energy, the Economy, and the WorldThe Industrial Revolution, powered by oil and other fossil fuels, is spiraling into a dangerous endgame. The price of gas and food are climbing, unemployment remains high, the housing market has tanked, consumer and government debt is soaring, and the recovery is slowing. Facing the prospect of a second collapse of the global economy, humanity is desperate for a sustainable economic game plan to take us into the future.

Here, Jeremy Rifkin explores how Internet technology and renewable energy are merging to create a powerful “Third Industrial Revolution.” He asks us to imagine hundreds of millions of people producing their own green energy in their homes, offices, and factories, and sharing it with each other in an “energy internet,” just like we now create and share information online.

Rifkin describes how the five-pillars of the Third Industrial Revolution will create thousands of businesses, millions of jobs, and usher in a fundamental reordering of human relationships, from hierarchical to lateral power, that will impact the way we conduct commerce, govern society, educate our children, and engage in civic life.

Rifkin’s vision is already gaining traction in the international community. The European Union Parliament has issued a formal declaration calling for its implementation, and other nations in Asia, Africa, and the Americas, are quickly preparing their own initiatives for transitioning into the new economic paradigm.

The Third Industrial Revolution is an insider’s account of the next great economic era, including a look into the personalities and players — heads of state, global CEOs, social entrepreneurs, and NGOs — who are pioneering its implementation around the world.

Price: $27.00

Click here to buy from Amazon

/* */