Index
Inside Cyber Warfare
Foreword
Preface
How This Book Came to Be
Conventions Used in This Book
Using Code Examples
How to Contact Us
Safari® Books Online
Acknowledgments
1. Assessing the Problem
The Complex Domain of Cyberspace
Cyber Warfare in the 20th and 21st Centuries
China
Israel
Russia
The Second Russian-Chechen War (1997–2001)
The Estonian cyber war (2007)
The Russia-Georgia War (2008)
Iran
North Korea
Cyber Espionage
Titan Rain
Cyber Crime
Future Threats
Increasing Awareness
Critical Infrastructure
The Conficker Worm: The Cyber Equivalent of an Extinction Event?
Africa: The Future Home of the World’s Largest Botnet?
The Way Forward
2. The Rise of the Non-State Hacker
The StopGeorgia.ru Project Forum
Counter-Surveillance Measures in Place
The Russian Information War
The Foundation for Effective Politics’ War on the Net (Day One)
The Gaza Cyber War Between Israeli and Arabic Hackers During Operation Cast Lead
Impact
Overview of Perpetrators
Motivations
Hackers’ Profiles
Team Evil
Cold Zero (aka Cold Z3ro aka Roma Burner)
Team Hell (aka Team H3ll and Team Heil)
Agd_Scorp/Peace Crew (aka Agd_Scorp/Terrorist Crew)
Jurm Team
C-H Team (aka H-C Team)
Hackers Pal
Gaza Hacker Team
DNS Team
!TeAm RaBaT-SaLe! (aka Team Rabat-Sale aka Team Rabat-Sala)
DZ Team
Ashianeh Security Group
Nimr al-Iraq (“The Tiger of Iraq”) and XX_Hacker_XX
Methods of Attack
Distributed denial of service (DDoS) capability
Website defacements
Viruses and Trojans
Israeli Retaliation
Control the Voice of the Opposition by Controlling the Content in Cyberspace: Nigeria
Are Non-State Hackers a Protected Asset?
3. The Legal Status of Cyber Warfare
Nuclear Nonproliferation Treaties
The Antarctic Treaty System and Space Law
UNCLOS
MALT
U.S. Versus Russian Federation: Two Different Approaches
The Law of Armed Conflict
Is This an Act of Cyber Warfare?
South Korea
Iran
Tatarstan
United States
Kyrgyzstan
Israel and the Palestinian National Authority
Zimbabwe
Myanmar
Cyber: The Chaotic Domain
4. Responding to International Cyber Attacks As Acts of War
Introduction by Jeffrey Carr
Introduction
The Legal Dilemma
The Road Ahead: A Proposal to Use Active Defenses
The Law of War
General Prohibition on the Use of Force
The First Exception: UN Security Council Actions
The Second Exception: Self-Defense
A Subset of Self-Defense: Anticipatory Self-Defense
An Alternate Basis for Using Active Defenses: Reprisals
Non-State Actors and the Law of War
Armed Attacks by Non-State Actors
Duties Between States
Imputing State Responsibility for Acts by Non-State Actors
Cross-Border Operations
Analyzing Cyber Attacks Under Jus ad Bellum
Cyber Attacks As Armed Attacks
Establishing State Responsibility for Cyber Attacks
The Duty to Prevent Cyber Attacks
Support from International Conventions
Support from State Practice
Support from the General Principles of Law
Support from Judicial Opinions
Fully Defining a State’s Duty to Prevent Cyber Attacks
Sanctuary States and the Practices That Lead to State Responsibility
The Choice to Use Active Defenses
Technological Limitations and Jus ad Bellum Analysis
Limitations on attack detection
Limitations on attack classification
Limitations on attack traces
Jus in Bello Issues Related to the Use of Active Defenses
Active defenses: The most appropriate forceful response
Technological limitations and jus in bello analysis
Conclusion
5. The Intelligence Component to Cyber Warfare
The Korean DDoS Attacks (July 2009)
The Botnet Versus the Malware
The DPRK’s Capabilities in Cyberspace
One Year After the RU-GE War, Social Networking Sites Fall to DDoS Attack
Ingushetia Conflict, August 2009
The Predictive Role of Intelligence
6. Non-State Hackers and the Social Web
Russia
China
The Middle East
Pakistani Hackers and Facebook
The Dark Side of Social Networks
The Cognitive Shield
Examples of OPSEC violations
Adversary scenarios
Study findings
TwitterGate: A Real-World Example of a Social Engineering Attack with Dire Consequences
Automating the Process
Catching More Spies with Robots
The automation and virtualization of social network entities
Owning social network users for a small budget of $300–$1,300
Bringing down a social network from the inside
7. Follow the Money
False Identities
Components of a Bulletproof Network
ICANN
The Accredited Registrar
The Hosting Company
The Bulletproof Network of StopGeorgia.ru
StopGeorgia.ru
NAUNET.RU
SteadyHost.ru
Innovation IT Solutions Corp
Mirhosting.com
SoftLayer Technologies
SORM-2
The Kremlin and the Russian Internet
Nashi
The Kremlin Spy for Hire Program
Sergei Markov, Estonia, and Nashi
A Three-Tier Model of Command and Control
8. Organized Crime in Cyberspace
A Subtle Threat
Atrivo/Intercage
ESTDomains
McColo: Bulletproof Hosting for the World’s Largest Botnets
Russian Organized Crime and the Kremlin
9. Investigating Attribution
Using Open Source Internet Data
Background
What Is an Autonomous System Network?
Timeline of political events
Analysis
Alternate views
Team Cymru and Its Darknet Report
Using WHOIS
Caveats to Using WHOIS
10. Weaponizing Malware
A New Threat Landscape
StopGeorgia.ru Malware Discussions
SQL injection, blind SQL injection, and using BENCHMARK
Twitter As DDoS Command Post Against Iran
Social Engineering
The Social Graph API
Channel Consolidation
An Adversary’s Look at LinkedIn
BIOS-Based Rootkit Attack
Malware for Hire
Anti-Virus Software Cannot Protect You
Targeted Attacks Against Military Brass and Government Executives
Research is the key to offensive capabilities
Delivery of targeted attacks
Command, control, and exfiltration of data
Why client-side 0day vulnerabilities can be so devastating
Protecting against 0day exploits
Defense in Depth
Using technologies such as MOICE and virtualization
Physical separation between data of varying sensitivity
11. The Role of Cyber in Military Doctrine
The Russian Federation
The Foundation for Effective Politics (FEP)
Chronicles of Information Warfare
Analysis
“Wars of the Future Will Be Information Wars”
Who is Alexandr Burutin?
The speech
Analysis
“RF Military Policy in International Information Security”
The paper
Creating a legend for a cyber attack
The Art of Misdirection
China Military Doctrine
Anti-Access Strategies
The 36 Stratagems
U.S. Military Doctrine
12. A Cyber Early Warning Model
Introduction by Jeffrey Carr
The Challenge We Face
Cyber Early Warning Networks
Building an Analytical Framework for Cyber Early Warning
Latent tensions
Cyber reconnaissance
Initiating event
Cyber mobilization
Cyber attack
Case Studies of Previous Cyber Attacks
Case study: Cyber attacks against Georgia
Case study: GhostNet cyber espionage
Case study: Cyber attacks against Denmark
Lessons Learned
Defense Readiness Condition for Cyberspace
13. Advice for Policy Makers from the Field
When It Comes to Cyber Warfare: Shoot the Hostage
The United States Should Use Active Defenses to Defend Its Critical Information Systems
Scenarios and Options to Responding to Cyber Attacks
Scenario 1
Option 1
Option 2
Option 3
Option 4
Scenario 2
Option 1
Option 2
Scenario 3
Option 1
Scenario 4
Option 1
In Summary
Whole-of-Nation Cyber Security
A. Afterword
Index
Colophon