According to the FBI, about 4000 ransomware attacks happen every day. In the United States alone, victims lost $209 million to ransomware in the first quarter of 2016. Even worse is the threat to critical infrastructure, as seen by the malware infections at electrical distribution companies in Ukraine that caused outages to 225,000 customers in late 2015. Further, recent reports on the Russian hacks into the Democratic National Committee and subsequent release of emails in a coercive campaign to apparently influence the U.S. Presidential Election have brought national attention to the inadequacy of cyber deterrence. The U.S. government seems incapable of creating an adequate strategy to alter the behavior of the wide variety of malicious actors seeking to inflict harm or damage through cyberspace. This book offers a systematic analysis of the various existing strategic cyber deterrence options and introduces the alternative strategy of active cyber defense. It examines the array of malicious actors operating in the domain, their methods of attack, and their motivations. It also provides answers on what is being done, and what could be done, by the government and industry to convince malicious actors that their attacks will not succeed and that risk of repercussions exists. Traditional deterrence strategies of retaliation, denial and entanglement appear to lack the necessary conditions of capability, credibly, and communications due to these malicious actors’ advantages in cyberspace. In response, the book offers the option of adopting a strategy of active cyber defense that combines internal systemic resilience to halt cyber attack progress with external disruption capacities to thwart malicious actors’ objectives. It shows how active cyber defense is technically capable and legally viable as an alternative strategy for the deterrence of cyber attacks.
The spectacular cyber attack on Sony Pictures and costly hacks of Target, Home Depot, Neiman Marcus, and databases containing sensitive data on millions of U.S. federal workers have shocked the nation. Despite a new urgency for the president, Congress, law enforcement, and corporate America to address the growing threat, the hacks keep coming—each one more pernicious than the last—from China, Russia, Iran, North Korea, the Middle East, and points unknown. The continuing attacks raise a deeply disturbing question: Is the issue simply beyond the reach of our government, political leaders, business leaders, and technology visionaries to resolve? In Hacked, veteran cybersecurity journalist Charlie Mitchell reveals the innovative, occasionally brilliant, and too-often hapless government and industry responses to growing cybersecurity threats. He examines the internal power struggles in the federal government, the paralysis on Capitol Hill, and the industry's desperate effort to stay ahead of both the bad guys and the government.
Dark networks are the illegal and covert networks (e.g, insurgents, jihadi groups, or drug cartels) that security and intelligence analysts must track and identify to be able to disrupt and dismantle them. This text explains how this can be done by using the Social Network Analysis (SNA) method. Written in an accessible manner, it provides an introduction to SNA, presenting tools and concepts, and showing how SNA can inform the crafting of a wide array of strategies for the tracking and disrupting of dark networks.
The Use of Force, long considered a classic in its own right, brings together enduring, influential works on the role of military power in foreign policy and international politics. Now in its eighth edition, the reader has been significantly revised; with twenty innovative and up-to-date selections, this edition is 60 percent new. Meticulously chosen and edited by leading scholars Robert J. Art and Kelly M. Greenhill, the selections are grouped under three headings: theories, case studies, and contemporary issues. The first section includes essays that cover the security dilemma, terrorism, the sources of military doctrine, the nuclear revolution, and the fungibility of force. A new subsection of Part I also deals with ethical issues in the use of force. The second section includes case studies in the use of force that span the period from World War I through the war in Afghanistan. The final section considers issues concerning the projection of US military power; the rising power of China; the spread of biological and nuclear weapons and cyberwarfare; intervention in internal conflicts and insurgencies; and possible future developments in terrorism, nuclear abolition, and robotic warfare. Continuing the tradition of previous editions, this fully updated reader collects the best analysis by influential thinkers on the use of force in international affairs.
Contributions by: Bruce J. Allyn, Kenneth Anderson, Robert J. Art, Mark S. Bell, Richard K. Betts, Laurie R. Blank, James G. Blight, Stephen G. Brooks, Seyom Brown, Daniel Byman, Audrey Kurth Cronin, Patrick M. Cronin, Alexander B. Downes, Karl W. Eikenberry, John Lewis Gaddis, Erik Gartke, Alexander L. George, Avery Goldstein, Kelly M. Greenhill, G. John Ikenberry, Robert Jervis, Gregory Koblentz, Peter R. Mansoor, John J. Mearsheimer, Nicholas L. Miller, Louis C. Morton, Barry R. Posen, Louise Richardson, George B. Samson, Thomas C. Schelling, Jack L. Snyder, Paul Staniland, Barbara F. Walter, Kenneth N. Waltz, Matthew Waxman, David A. Welch, Jon Western, and William C. Wohlforth.
With the sudden, pervasive rise of the Internet, widespread random attacks from viruses, worms, and bots were used to engage in cyber crime and disruptive behavior. As these threats mature, they turn into targeted attacks against banks, large data processors, and governments. Today, such targeted attacks have become the greatest threat facing every organization, including both small and large companies, and governments of all sizes. In this new book, Stiennon presents a comprehensive view of the technology, methodology, and tools needed to defend digital assets from targeted attacks. It is an in-depth manual on the tools, techniques, technology, and policies needed to defend organizations from cyber espionage, Denial-of-Service attacks, and stealthy infiltration.
Stiennon addresses security practitioners, IT managers of corporate and government sites, and government agency officials determining cyber policies. He explains why countering targeted attacks requires new investment in technology, as well as changes to security operations and organizations. He addresses new services and products that have arisen to assist in the task of discovering and blocking targeted attacks, and how deploying these technologies properly is a critical defense against targeted attacks. Each chapter introduces a technology, the types of attacks it defends against, and the products and services available which are suited to the task. This book is a must read for anyone who wants to understand the evolution of the security industry, the threats that drive it, the incidents that highlight the rapid changes in cyber crime, and how to defend against them.