Conflict in cyberspace is becoming more prevalent in all public and private sectors and is of concern on many levels. As a result, knowledge of the topic is becoming essential across most disciplines. This book reviews and explains the technologies that underlie offensive and defensive cyber operations, which are practiced by a range of cyber actors including state actors, criminal enterprises, activists, and individuals. It explains the processes and technologies that enable the full spectrum of cyber operations. Readers will learn how to use basic tools for cyber security and pen-testing, and also be able to quantitatively assess cyber risk to systems and environments and discern and categorize malicious activity.
The book provides the key concepts of information age conflict and the technical basics and fundamentals needed to understand the more specific remedies and activities associated with all aspects of cyber operations. It explains techniques associated with offensive cyber operations, with careful distinctions made between cyber ISR, cyber exploitation, and cyber attack. It explores defensive cyber operations and includes case studies that provide practical information, making this book useful for both novice and advanced information warfare practitioners.
Table Of Contents
Part I: Key concepts of information age conflict
Characteristics and definitions of Cyberspace, Cybersecurity, Information Security, Information Warfare and Electronic Warfare
The life cycle of a cyber attack / Steps of Cyber Attacks
Calculating cyber risk (threats and vulnerabilities)
The legalities of information age conflict

Part II: Fundamentals of Information Communication Technologies
Digital communications
Networking Technologies
Packet Switched Networking
Internet protocols
The Internet and its underlying architectures

Part III: Cyberwar Tools, Techniques, and Procedures
Reconnaissance techniques for offensive cyber operations
Scanning tools and techniques for offensive cyber operations
Exploitation tools and techniques for offensive cyber operations
Electronic Warfare

Part IV: Cybersecurity Tools, Techniques, and Procedures
Tools and techniques for identifying threats and vulnerabilities
Tools and techniques for protecting assets from threats and vulnerabilities (encryption)
Tools and techniques for detecting attacks
Tools and techniques for responding to attacks
Tools and techniques for recovering from attacks

Part V: Case Studies
Vulnerabilities and exploits in Automotive and Surface Transportation Sector
Vulnerabilities and exploits of industrial control systems
Vulnerabilities and exploits in maritime
Vulnerabilities and exploits of voting machines
Vulnerabilities and exploits of social media and Information Warfare
Isaac R. Porche, III is a chief engineer at a large defense contractor. He was formerly a senior engineer at the RAND Corporation, where he served as the Director of the Acquisition and Development Program in the Homeland Security Operational Analysis Center. He is a former member of the U.S. Army Science Board and is currently an adjunct instructor for Carnegie Mellon University’s Institute for Politics and Strategy. He has testified before Congress on the topic of cyber threats and he once led a congressionally mandated study on cybersecurity needs of the legislative branch. He received his Ph.D. in electrical engineering and computer science from The University of Michigan.