Author: Jason Andress & Steve Winterfeld
Aimed at: General reader rather than "practitioners"
Pros: Readable and sometimes interesting
Cons: Ignores what distinguishes state-sponsored from other hacking, not practical
Reviewed by: Alex Armstrong
A book on cyber warfare is topical just at the moment with so much supposed state-sponsored hacking going on. There is an element of sensationalism and a willingness to be shocked about the whole current situation - so will this particular book manage to avoid the hype?
Before going into the details of what the book is about it is worth noting that the subtitle "Techniques, Tactics and Tools for Security Practitioners" leads you to believe that this is going to be a practical book. It also suggests that rather than telling you about how to conduct a cyber war the aim is to tell you how to resist one. This is slightly puzzling because cyber warfare is just hacking writ large, so how can the security needed to oppose it be any different from dealing with the current threat from individual or non-state sponsored groups?
Chapter 1 attempts to put cyber warfare into context by defining it. Not a simple technical definition, but a wander into politics and the official organizations that are concerned with cyber warfare. When you get headings like "Have we seen a cyber war" you know that you are into speculation and vague suggestions wrapped up in official jargon speak. I simply fell asleep through this section - but then I'm waiting for the technical details.
Chapter 2: The Cyberspace Battlefield continues the boring wordy discussion of the nature of the threat and attempts to put it into the context of traditional warfare. If you have been reading the news there is nothing new here. Chapter 3 takes us into Cyber Doctrine - yes more politics! This is mostly US centric but there are some interesting details of what other countries are up to - and there is a "know your enemy" element here and this brings us to Chapter 4, where there's an attempt to paint a picture of the typical cyber warrior. This all seems to be based on hearsay and analysis of who attends security conferences. It concludes that these guys are not like traditional soldiers - well I hope not. If I tell you that there is a section titled "Staffing for Cyber War" you will understand that this isn't really relevant to the likes of you and me.
Chapter 5 looks more promising in terms of practical things but it simply goes over what you should already know: reconnaissance tools (aka websites and search engines), scanning tools, encryption, obfuscation and so on. This is just an account of the basic tools of hacking.
Chapter 6 moves on to consider physical approaches. However this isn't only about physical approaches to hacking but hacking applied to physical systems, i.e. SCADA. The problem is described but not in much detail. Later the chapter does consider physical approaches in the form of EM pulse weapons and jamming - but this is all too brief and we move on to consider lock picks instead. So cyber warfare comes down to physically picking locks.
There are so many topics left out of this chapter that it is difficult to know where to begin. Why is there nothing on wiretapping in general - fibre optic, mobile phones, routers, and so on? Why nothing on detecting the state of a system using nothing but radio snooping? Why is there nothing on the "blinking lights" technique for reading data streams? The list goes on.
Chapter 7 looks at social engineering and it is an account of how systems are broken into by simple confidence trickery. Nothing new here and nothing that is useful beyond drawing attention to one of the most common ways a system is hacked.
Chapters 8, 9 and 10 consider network exploitation which is a little odd as this is presumably the core battleground of any cyber war attack. What do we expect to happen? Teams of cyber warriors landing on the coast and hacking into computer systems after breaking into facilities? No, any cyber attack is going to come over the wires so having three chapters late in the book devoted to network attacks seems a little odd. If you bother to read all three, and you know even a little about hacking or network security, you have to conclude that there is nothing new here.
Chapter 11 returns to the bigger picture and considers the aspects of non-state originated cyber attacks - cyber crime and terrorism. This makes interesting political reading but nothing technical here either. Chapter 12 at least doesn't promise anything technical as it is about the legal implications. Chapter 13 extends these considerations to ethics.
The final two chapters round out the discussion with a very general look at where we are and what the future holds.
There are parts of this book that are quite interesting if you want to get a feel for the possibilities, but technical it isn't. It most definitely doesn't live up to its subtitle and if you buy it on this basis you are going to be disappointed. The key thing is that cyber warfare is just hacking and there isn't anything new to be written about the technology apart from the simple fact that governments and large organizations can afford to throw huge amounts of money at problems that individual hackers can only hope to solve by luck or cunning.
What is also interesting is the range of topics not covered or insufficiently covered. What about cracking codes using cloud computing or using the supercomputers that so many governments seem keen on building?
If cyber warfare is different from simple hacking then it has to be due to the resources that can be utilised and this is something that the book misses completely in its reams of political, organizational, legal and ethical detail.
Don't buy this book if you are looking for anything to do with technology and don't buy it if you want a consideration of how state sponsored hacking differs from the usual type.