SlideShare a Scribd company logo

Cybersecurity and-cyberwar-singer-en-22186

Avirot Mitamura
Avirot Mitamura

Cyber Security, Cyber War .. The Future of Internet. plus IoT (Internet of Thing)

Technology
1 of 5
Download to read offline
To purchase personal subscriptions or corporate solutions, visit our website at www.getAbstract.com, send an email to info@getabstract.com, or call us at our US office (1-877-778-6627) or at our Swiss office (+41-41-367-5151). getAbstract is an Internet-based knowledge rating service and publisher of book abstracts. getAbstract maintains complete editorial responsibility for all parts of this abstract. getAbstract acknowledges the copyrights of authors and publishers. All rights reserved. No part of this abstract may be reproduced or transmitted in any form or by any means – electronic, photocopying or otherwise – without prior written permission of getAbstract Ltd. (Switzerland). 1 of 5 Cybersecurity and Cyberwar What Everyone Needs to Know P.W. Singer and Allan Friedman Oxford World’s Classics © 2014 306 pages [@]   Rating 9 Applicability 8 Innovation 8 Style 9   Focus Leadership & Management Strategy Sales & Marketing Finance Human Resources IT, Production & Logistics Career & Self-Development Small Business Economics & Politics Industries Global Business Concepts & Trends Take-Aways • In 2010, the computer security firm McAfee found new malware every 15 minutes. By 2013, it found a new example each second. • The Stuxnet worm provides a case study in bloodless cyberwarfare with no military or civilian casualties. • Stuxnet infiltrated Iran’s nuclear program through Iranian scientists’ flash drives and laptops, and adjusted engineers’ equipment to self-sabotage. • Civilians will suffer from cyberwar as combatants use civilian networks to wage war. • Cyberwarriors can compromise an enemy’s defense networks. • In a midnight raid in 2007, seven Israeli fighter jets bombed targets in Syria as the Syrian air-defense network sat silent. • This raid proved that a military could take control of an enemy’s systems and networks. • Some believe the US military should launch a Cyber Command to focus on technology. • Much of the discussion of cybersecurity policy involves classified information; civilian political leaders have little opportunity to shape the debate. • Cloud computing, mobile computing and big data will shape the future of cybersecurity. This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 2 of 5 getabstract Relevancegetabstract getabstract What You Will Learn In this summary, you will learn:r1) How cyberwar evolved, 2) How three strategies might curtail cybercrime and 3) How three trends will shape cybersecurity. getabstract Review P.W. Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations. They detail fascinating episodes, such as the US- Israeli Stuxnet attack on Iranian nuclear engineers, an infiltration so stealthy the engineers didn’t even know it was happening. And, they tell businesses how to stay alert to their own security. Their other true accomplishment, meanwhile, is maintaining a light, entertaining tone. getAbstract recommends their fascinating study to students, coders, start-ups, historians, strategists, anyone in the military, and business owners and managers seeking insight into the defining security frontier of our time. getabstract getabstract Summarygetabstract getabstract getabstract “Indeed, we are so surrounded by computers that we don’t even think of them as ‘computers’ anymore.” getabstract getabstract “To cause true damage entails an understanding of the devices themselves: how they run, their engineering and their underlying physics.” getabstract Malware Every Second Cyberattacks and cyberterror are the dirty underbelly of cyberspace. In 2010, the McAfee computer security firm found new malware every 15 minutes. By 2013, it found a new example every second. The principles that make the Internet so powerful make it vulnerable to security threats. The bigger a network, the more useful it is to businesses, consumers, and anyone seeking a large audience or a broad market. Sadly, the bigger a network, also, the less secure it becomes. The fight against cybercrime can take some unexpected turns. Consider what happened when the FBI nabbed Estonian hackers who created a virus that infected some 570,000 computers. The FBI considered shutting down the scammers’ network, but that would have left hundreds of thousands of victims without Internet access. The FBI set up servers to keep the victims’ computers running. The Internet provides a low-cost venue for terrorists to reach the masses. For instance, al- Qaeda recruited followers by disseminating videos of Osama bin Laden’s speeches. Often, knowledgeable users can glean valuable tactical data, though sometimes that information ends up in the wrong hands. In 2007, US soldiers uploaded photos of new helicopters that had just arrived at their base in Iraq. Insurgents tapped into the “geotagging” feature of the smartphone photos to pinpoint the aircrafts’ location and launched a mortar attack that destroyed four of the helicopters. Stuxnet The Stuxnet attack unleashed by American and Israeli forces sabotaged Iran’s developing nuclear weapons program. Stuxnet’s precision and success offers a case study in cyberwar. The Stuxnet worm infiltrated Iran’s nuclear program through Iranian scientists’ flash drives and laptops. Once inside the Iranian computers, Stuxnet sought a specific program in the Siemens software. Unlike a missile attack, which would have created obvious damage, Stuxnet’s effect was almost invisible. The worm made small changes in the pressure inside Iranian centrifuges. The worm slowed and sped up rotors in the centrifuges, leaving them This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 3 of 5 getabstract “The Internet that we’ve all grown to love and now need is increasingly becoming a place of risk and danger.” getabstract getabstract “Cybersecurity is one of those areas that has been left to only the most technically inclined to worry their uncombed heads over.” getabstract getabstract “Cyberspace may be global, but it is not ‘stateless’ or a ‘global commons,’ both terms frequently used in government and media.” getabstract getabstract “The takeaway for cybersecurity is that the entire system is based on trust.” getabstract unable to produce refined uranium fuel. The worm nudged centrifuge speeds past their limits, causing them to break down. From the standpoint of the American and Israeli saboteurs, the beauty of this onslaught was that Iranian engineers had no idea they were under attack. The nature of Stuxnet led them to believe that the sporadic problems with their equipment sprang from manufacturing defects. The attack left engineers frustrated by their inability to create a nuclear weapon. Stuxnet successfully stalled Iran’s nuclear program, and it showed how opponents can fight a cyberwar. It points up the ethical advantages of cyberweapons. Air strikes against Iran’s nuclear factory might have led to civilian casualties, collateral damage and, possibly, all-out war. The Stuxnet worm damaged only the centrifuges. Many worms wreak hefty damage on the computers they infect. But the Stuxnet’s designers created it to be harmless in nearly every computer it invaded and to activate only when it found its specified software target. In contrast, in 1981, Israeli forces attacked an Iraqi nuclear research site, dropping 32,000 pounds of bombs. The casualties included 11 soldiers and civilians. A worm-as-a-weapon causes no human casualties at all. Stuxnet ushered in a new kind of international conflict with less-overt violence and greater confusion over exactly who led the assault. That confusion can be as powerful a weapon as the worm itself, now gone, since its creators designed it to expire in 2012. Cool War Unlike the Cold War, cyberwar is fuzzy. The Cold War featured two superpowers pursuing ideological goals. The Internet features millions of users going about their business and, given the mass of their sheer number, providing cyberattackers with camouflage. Nations can cyberseige their enemies constantly without ever firing a shot or engaging in open hostilities. Russia unleashed a binge of cyberbullying against Estonia in 2007 and stymied Estonia’s computer networks. Was this an act of aggression? NATO had no way to answer. The Washington treaty creating NATO dates from 1949 and does not address how to interpret virtual espionage that involves no armed conflict or physical contact. Cyberwar will not be entirely bloodless. Consider Operation Orchard. In a midnight raid in 2007, seven Israeli fighter jets flew into Syrian air space and dropped several bombs while the Syrian air-defense network sat silent. The reason? Prior to the attack, Israeli cyberwarriors hacked into the Syrian military’s computers. Able to see what the Syrians were doing, the Israelis projected a fake image of Syrian skies onto the Syrian defense systems during the raid. The Syrians never fired a shot, and Israel completed Operation Orchard with no losses. Such cybersabotage is now rampant, as US and Chinese spies constantly attempt to glean one another’s movement of weapons, resupply rates, ship positions and troop schedules. Operation Orchard represents the holy grail of such operations: It proved that a country’s military not only could spy on an enemy, but it could also take control of the enemy’s systems and networks. Collateral Damage While cyberwar promises to reduce casualties, it would be foolish to think that any kind of warfare will exact no collateral damage. Just as civilians account for 90% of the casualties in hot wars, the same ratio is likely to play out in cyberwar. For instance, enemy combatants might decide to attack the civilian networks that support military forces. In one war game at the Pentagon, a make-believe enemy hacked the civilian logistics network that supplied US soldiers. By deftly changing a few bar codes on shipping containers, the enemy made sure that the US soldiers on the battlefield received a shipping container full of toilet paper This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 4 of 5 getabstract “By focusing on an adversary’s information systems, China advances the idea that cyberattacks turn technical advantage into a liability.” getabstract getabstract “China isn’t just a looming superpower; it’s also home to the world’s largest number of Internet users.” getabstract getabstract “As we use phones and tablets more, the security risks are also going mobile.” getabstract getabstract “As the cyberworld has evolved, so too has terrorist groups’ use of it, especially in information operations.” getabstract rather than weapons. This provides just one example of how an enemy could use a civilian network to wage war. Among the obvious targets are ports, rail yards and arms factories that civilian contractors run. Such trickery offers the advantage of hampering an enemy without putting lives at risk. Civilian organizations typically have less-stringent cybersecurity than military computer networks. “Cyber Command” As cyberwar becomes the strategy of the future, some at the Pentagon believe the US military needs to launch its own Cyber Command that specializes in technical issues – just as, for instance, the US Air Force focuses on airborne warfare. Just like troops who consider land, air and sea as their specialized terrain, the troops in the Cyber Command would patrol cyberspace as an “operational domain.” Proponents of this strategy note that US soldiers train to wage the wars of the past, which victors won through a combination of sharpshooting, sky diving, hand-to-hand combat, and leading soldiers into battle. The US military doles out awards and decorations for yesterday’s combat skills – but, so far, it doesn’t bestow medals or badges to cyberwarriors. Gearing up to fight online is not a guarantee of success, of course. Just as US terror fighters battle insurgents whose identities and whereabouts are not obvious, cyberfighters face shadowy, stateless actors who take advantage of the Internet’s sprawling anonymity. They might launch a cyberattack in hopes of sparking a military response. Some worry that the doctrine of “equivalence” might mean that a virtual attack could elicit a deadly response in the real world. Another concern about readiness focuses on military strategy. The US Air Force’s budget for cyberoffense is more than double its earmark for cyberdefense. This illustrates a troubling trend: Creating a unit of secretive cyberspies who engage in glamorous-sounding exploits is sexy, but that approach undersells the importance of defense. Protecting cybernetworks and securing physical supply chains might be the best way to stabilize a nation’s Internet operations. Disturbingly, much of the construction of cybersecurity policy happens behind the cloak of classified discussion, giving civilian political leaders little opportunity to shape the debate or even to learn which options the government is considering. China’s Cyberwarriors The coming cool war invariably pits the United States against China. The Pentagon considers China the biggest perpetrator of cyberattacks. Chinese officials counter that China is not the aggressor but just another victim of stateless, lawless cybercriminals. They point to the skyrocketing attacks on Chinese computers and the reality that the botnets that hackers run have hijacked an estimated 10 million Chinese computers. The truth in the US-versus-China story is more nuanced than either side admits. Cybercriminals victimize Chinese computer users, but China’s cavalier attitude toward intellectual property enables such attacks. Most computers in China run pirated software, which means Chinese computer users cannot access regular security updates and patches that would protect them from malware. Attack on The New York Times The discovery by The New York Times that a group of Chinese cyberwarriors engaged in attacks on US companies debunked Chinese officials’ protestations. In 2013, the Second Bureau of China’s Third Army – known as the “Comment Crew” or the “Shanghai Group” – stole employee passwords to sneak into The New York Times’ computer networks. After This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 5 of 5 getabstract “Our most senior leaders, now in their 60s and 70s, likely did not even become familiar with computers until well into their careers and many still today have only the most limited experience with them.” getabstract getabstract “Cyberspace is so difficult to define...not only in its expansive, global nature, but also in the fact that the cyberspace of today is almost unrecognizable compared to its humble beginnings.” getabstract getabstract “Security costs money, but it also costs time, convenience, capabilities, liberties, and so on.” getabstract the paper discovered the breach, it reported that the Shanghai Group launched dozens of cyberattacks. Coca-Cola, the Pentagon and the United Nations were among the targets. The publicity embarrassed China, but the episode underscored a crucial precept of cyberwar: A less technically advanced combatant can turn its enemy’s technical edge into a disadvantage – or at least into an area for sabotage. Cybercrime Deterrents The Internet has become a dangerous place, but it doesn’t have to be. Several possible deterrents to cybercrime include: • Build a safe zone dubbed “.secure.” – Just as the Internet added an .xxx domain for pornography, it could create an alternative zone only for sites that adhere to the highest security standards. While imperfect, such a solution adds a layer of needed protection. • Create a CDC for cyberviruses – In 1947, the US created the Centers for Disease Control to track and contain public health threats. The CDC has proven effective at alerting the public to contagions. It could serve as a model for a similar agency that would keep tabs on threats from cyberspace and inform the populace. • Crack down on cyberpirates – For centuries, pirates sailed the high seas, looking for opportunities to plunder unsuspecting victims. Governments brought piracy under control only by cracking down on the markets where they sold their loot. For instance, governments targeted pirate havens such as Port Royal, Jamaica. Today’s cyberpirates offer a similar challenge. Trends of the Cyberfuture Because technology changes so rapidly and unexpectedly, predicting the future is tricky. Today’s state-of-the-art supercomputers quickly devolve into tomorrow’s obsolete piles of metal and microchips. Still, these trends seem likely to influence cybersecurity in the near future: • “Cloud computing” – Data no longer live on your desktop computer or in your corporate servers. Increasingly, businesses and government agencies upload their data to the cloud, where companies such as Amazon and Google store information on their servers. In theory, these cloud servers act as bank vaults: Instead of hiding your information where it may not be secure, you pay experts with a vested interest in ensuring safety to hold your data. Perhaps safer in some ways, cloud computing carries its own problems. Who protects your information as it travels from you to the server and back? • “Big data” – With computers playing such large roles in our lives, making sense of all the data we create is a big business with Big Brother overtones. Netflix is famous for using big data to recommend movies, with the downside that their recommendation algorithm can divine a subscriber’s sexual identity, whether or not he or she has told the world. • Mobile computing – As phones and tablets grow more powerful, so does the risk of using them. By early 2013, criminals had designed some 350,000 versions of malware to attack mobile devices. This cybersecurity niche didn’t even exist until recently. And, as always, those looking to attack remain one step ahead of those defending. getabstract getabstract About the Authorsgetabstract getabstract Peter Warren Singer directs the Brookings Institution’s Center for 21st Century Security and Intelligence. Allan Friedman is research director of Brookings’ Center for Technology Innovation. This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET

Recommended

Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
b coatesworth
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)
Digicomp Academy AG
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
Space Defense Newsletter
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece Moore
Jamie Moore
 
Future of Destructive Malware
Future of Destructive MalwareFuture of Destructive Malware
Future of Destructive Malware
Greg Foss
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
Maira Asif
 
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
Talwant Singh
 
Cyberwar - Is India Ready
Cyberwar - Is India ReadyCyberwar - Is India Ready
Cyberwar - Is India Ready
Dinesh O Bareja
 

Recommended

Cyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spyCyber espionage - Tinker, taylor, soldier, spy
Cyber espionage - Tinker, taylor, soldier, spy
b coatesworth
 
Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)Cyber Warfare vs. Hacking (in English)
Cyber Warfare vs. Hacking (in English)
Digicomp Academy AG
 
Cyberwarfare
CyberwarfareCyberwarfare
Cyberwarfare
Space Defense Newsletter
 
Cyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece MooreCyber Warfare - Jamie Reece Moore
Cyber Warfare - Jamie Reece Moore
Jamie Moore
 
Future of Destructive Malware
Future of Destructive MalwareFuture of Destructive Malware
Future of Destructive Malware
Greg Foss
 
Cyber warfare ss
Cyber warfare ssCyber warfare ss
Cyber warfare ss
Maira Asif
 
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
Talwant Singh
 
Cyberwar - Is India Ready
Cyberwar - Is India ReadyCyberwar - Is India Ready
Cyberwar - Is India Ready
Dinesh O Bareja
 
Cyberwar threat to national security
Cyberwar threat to national securityCyberwar threat to national security
Cyberwar threat to national security
Talwant Singh
 
Cyber war
Cyber warCyber war
Cyber war
Praveen
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
David Willson, Attorney, CISSP, Security +
 
Port security
Port securityPort security
Port security
borepatch
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
Sylvain Martinez
 
Cyber Security Trends for 2020 to Keep an Eye On
Cyber Security Trends for 2020 to Keep an Eye OnCyber Security Trends for 2020 to Keep an Eye On
Cyber Security Trends for 2020 to Keep an Eye On
Tyrone Systems
 
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
Internetwork Engineering (IE)
 
Cyberwar: (R)evolution?
Cyberwar: (R)evolution?Cyberwar: (R)evolution?
Cyberwar: (R)evolution?
zapp0
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usual
EnclaveSecurity
 
Hacking Exposed Live: Mobile Targeted Threats
Hacking Exposed Live: Mobile Targeted ThreatsHacking Exposed Live: Mobile Targeted Threats
Hacking Exposed Live: Mobile Targeted Threats
CrowdStrike
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introduction
jagadeesh katla
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016
William Slater III
 
Cyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceCyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrence
Bikrant Gautam
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
Duo Security
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber Terrorism
Ganesh DNP
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Invincea, Inc.
 
Top 15 security predictions for 2017
Top 15 security predictions for 2017Top 15 security predictions for 2017
Top 15 security predictions for 2017
Accelerate Tech
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
CODE BLUE
 
2019 State of Cyber Security Report
2019 State of Cyber Security Report2019 State of Cyber Security Report
2019 State of Cyber Security Report
Mohamed Zaheer Husain
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Clare Nelson, CISSP, CIPP-E
 
Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550
Avirot Mitamura
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hacking
E Hacking
 

More Related Content

What's hot

Cyberwar threat to national security
Cyberwar threat to national securityCyberwar threat to national security
Cyberwar threat to national security
Talwant Singh
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usual
EnclaveSecurity
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Invincea, Inc.
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
CODE BLUE
 

What's hot (20)

Cyberwar threat to national security
Cyberwar threat to national securityCyberwar threat to national security
Cyberwar threat to national security
 
Cyber war
Cyber warCyber war
Cyber war
 
Is the us engaged in a cyber war
Is the us engaged in a cyber warIs the us engaged in a cyber war
Is the us engaged in a cyber war
 
Port security
Port securityPort security
Port security
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
Cyber Security Trends for 2020 to Keep an Eye On
Cyber Security Trends for 2020 to Keep an Eye OnCyber Security Trends for 2020 to Keep an Eye On
Cyber Security Trends for 2020 to Keep an Eye On
 
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
2019 NCLGISA Spring Cybersecurity Threats & Trends: Blended Threats and Smart...
 
Cyberwar: (R)evolution?
Cyberwar: (R)evolution?Cyberwar: (R)evolution?
Cyberwar: (R)evolution?
 
Cyber war or business as usual
Cyber war or business as usualCyber war or business as usual
Cyber war or business as usual
 
Hacking Exposed Live: Mobile Targeted Threats
Hacking Exposed Live: Mobile Targeted ThreatsHacking Exposed Live: Mobile Targeted Threats
Hacking Exposed Live: Mobile Targeted Threats
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introduction
 
The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016The Mirai Botnet and Massive DDoS Attacks of October 2016
The Mirai Botnet and Massive DDoS Attacks of October 2016
 
Cyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrenceCyber warfare an architecture for deterrence
Cyber warfare an architecture for deterrence
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber Terrorism
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
 
Top 15 security predictions for 2017
Top 15 security predictions for 2017Top 15 security predictions for 2017
Top 15 security predictions for 2017
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
 
2019 State of Cyber Security Report
2019 State of Cyber Security Report2019 State of Cyber Security Report
2019 State of Cyber Security Report
 
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?Texas Bitcoin Conference: Are Privacy Coins Private Enough?
Texas Bitcoin Conference: Are Privacy Coins Private Enough?
 

Viewers also liked

Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550
Avirot Mitamura
 
CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
E Hacking
 

Viewers also liked (13)

Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550
 
Hacking Wireless World, RFID hacking
Hacking Wireless World, RFID hackingHacking Wireless World, RFID hacking
Hacking Wireless World, RFID hacking
 
Ce hv7 module 12 hacking webservers
Ce hv7 module 12 hacking webserversCe hv7 module 12 hacking webservers
Ce hv7 module 12 hacking webservers
 
CEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and BackdoorsCEH - Module 6 : Trojans and Backdoors
CEH - Module 6 : Trojans and Backdoors
 
Ce hv7 module 11 session hijacking
Ce hv7 module 11 session hijackingCe hv7 module 11 session hijacking
Ce hv7 module 11 session hijacking
 
CEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH AcademyCEH and Security+ Training Outline - EH Academy
CEH and Security+ Training Outline - EH Academy
 
Top 10 tech trends 2014
Top 10 tech trends 2014Top 10 tech trends 2014
Top 10 tech trends 2014
 
Beyaz Şapkalı Hacker (CEH) Lab Kitabı
Beyaz Şapkalı Hacker (CEH) Lab KitabıBeyaz Şapkalı Hacker (CEH) Lab Kitabı
Beyaz Şapkalı Hacker (CEH) Lab Kitabı
 
Güvenli Yazılım Geliştirmede Dosya Yükleme
Güvenli Yazılım Geliştirmede Dosya YüklemeGüvenli Yazılım Geliştirmede Dosya Yükleme
Güvenli Yazılım Geliştirmede Dosya Yükleme
 
Log Yönetimi ve Saldırı Analizi Eğitimi -1
Log Yönetimi ve Saldırı Analizi Eğitimi -1Log Yönetimi ve Saldırı Analizi Eğitimi -1
Log Yönetimi ve Saldırı Analizi Eğitimi -1
 
Log Yönetimi ve Saldırı Analizi Eğitimi - 2
Log Yönetimi ve Saldırı Analizi Eğitimi - 2Log Yönetimi ve Saldırı Analizi Eğitimi - 2
Log Yönetimi ve Saldırı Analizi Eğitimi - 2
 
Beyaz Şapkalı Hacker Eğitimi Yardımcı Ders Notları
Beyaz Şapkalı Hacker Eğitimi Yardımcı Ders NotlarıBeyaz Şapkalı Hacker Eğitimi Yardımcı Ders Notları
Beyaz Şapkalı Hacker Eğitimi Yardımcı Ders Notları
 
10 Project Proposal Writing
10 Project Proposal Writing10 Project Proposal Writing
10 Project Proposal Writing
 

Similar to Cybersecurity and-cyberwar-singer-en-22186

54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 
The stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capabilityThe stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capability
Yury Chemerkin
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam Segal
Leslie Lee
 
News letter aug 11
News letter aug 11News letter aug 11
News letter aug 11
captsbtyagi
 

Similar to Cybersecurity and-cyberwar-singer-en-22186 (20)

Honeypots in Cyberwar
Honeypots in CyberwarHoneypots in Cyberwar
Honeypots in Cyberwar
 
Case study 11
Case study 11Case study 11
Case study 11
 
AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)
 
Cyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responsesCyber(in)security: systemic risks and responses
Cyber(in)security: systemic risks and responses
 
Systemic cybersecurity risk
Systemic cybersecurity riskSystemic cybersecurity risk
Systemic cybersecurity risk
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
 
114-116
114-116114-116
114-116
 
The stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capabilityThe stuxnet computer worm. harbinger of an emerging warfare capability
The stuxnet computer worm. harbinger of an emerging warfare capability
 
The Hacked World Order By Adam Segal
The Hacked World Order By Adam SegalThe Hacked World Order By Adam Segal
The Hacked World Order By Adam Segal
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
 
National Critical Information Infrastructure Protection Centre (NCIIPC): Role...
National Critical Information Infrastructure Protection Centre (NCIIPC): Role...National Critical Information Infrastructure Protection Centre (NCIIPC): Role...
National Critical Information Infrastructure Protection Centre (NCIIPC): Role...
 
Terrorist Cyber Attacks
Terrorist Cyber AttacksTerrorist Cyber Attacks
Terrorist Cyber Attacks
 
Cyberterrorism
CyberterrorismCyberterrorism
Cyberterrorism
 
Snarky Security. Monthly Digest. 2024-04.pdf
Snarky Security. Monthly Digest. 2024-04.pdfSnarky Security. Monthly Digest. 2024-04.pdf
Snarky Security. Monthly Digest. 2024-04.pdf
 
A Cyber Security Review
A Cyber Security ReviewA Cyber Security Review
A Cyber Security Review
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 
News letter aug 11
News letter aug 11News letter aug 11
News letter aug 11
 
China Cyber
China CyberChina Cyber
China Cyber
 
Cyber
CyberCyber
Cyber
 

More from Avirot Mitamura

Elevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic ThinkingElevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic Thinking
Avirot Mitamura
 
Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453
Avirot Mitamura
 
Excise department project_fin
Excise department project_finExcise department project_fin
Excise department project_fin
Avirot Mitamura
 
Overall cryptography and pki introduction
Overall cryptography and pki introductionOverall cryptography and pki introduction
Overall cryptography and pki introduction
Avirot Mitamura
 

More from Avirot Mitamura (20)

Rpa case study 2020 r1
Rpa case study 2020 r1Rpa case study 2020 r1
Rpa case study 2020 r1
 
Ui path rpa_intro_v1
Ui path rpa_intro_v1Ui path rpa_intro_v1
Ui path rpa_intro_v1
 
Mental illness-at-work-race-en-20921
Mental illness-at-work-race-en-20921Mental illness-at-work-race-en-20921
Mental illness-at-work-race-en-20921
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
CEH - Module 11 : Session Hijacking
CEH - Module 11 : Session HijackingCEH - Module 11 : Session Hijacking
CEH - Module 11 : Session Hijacking
 
CEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of ServiceCEH - Module 10 : Denial of Service
CEH - Module 10 : Denial of Service
 
CEH - Module 5 : System Hacking
CEH - Module 5 : System HackingCEH - Module 5 : System Hacking
CEH - Module 5 : System Hacking
 
CEH - Module4 : Enumeration
CEH - Module4 : EnumerationCEH - Module4 : Enumeration
CEH - Module4 : Enumeration
 
Kingdom of Thailand - visa
Kingdom of Thailand - visaKingdom of Thailand - visa
Kingdom of Thailand - visa
 
Preparation company limited registration
Preparation company limited registrationPreparation company limited registration
Preparation company limited registration
 
Elevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic ThinkingElevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic Thinking
 
Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453
 
Rising to Power of Exceptional Executives
Rising to Power of Exceptional ExecutivesRising to Power of Exceptional Executives
Rising to Power of Exceptional Executives
 
Imperial violet by poodle attacks on ss-lv3
Imperial violet by poodle attacks on ss-lv3Imperial violet by poodle attacks on ss-lv3
Imperial violet by poodle attacks on ss-lv3
 
Bash Code-Injection Briefing
Bash Code-Injection BriefingBash Code-Injection Briefing
Bash Code-Injection Briefing
 
Excise department project_fin
Excise department project_finExcise department project_fin
Excise department project_fin
 
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
 
PKI101 polk
PKI101 polkPKI101 polk
PKI101 polk
 
Overall cryptography and pki introduction
Overall cryptography and pki introductionOverall cryptography and pki introduction
Overall cryptography and pki introduction
 
Introduction to SSL
Introduction to SSLIntroduction to SSL
Introduction to SSL
 

Recently uploaded

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 

Recently uploaded (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Cybersecurity and-cyberwar-singer-en-22186

  • 1. To purchase personal subscriptions or corporate solutions, visit our website at www.getAbstract.com, send an email to info@getabstract.com, or call us at our US office (1-877-778-6627) or at our Swiss office (+41-41-367-5151). getAbstract is an Internet-based knowledge rating service and publisher of book abstracts. getAbstract maintains complete editorial responsibility for all parts of this abstract. getAbstract acknowledges the copyrights of authors and publishers. All rights reserved. No part of this abstract may be reproduced or transmitted in any form or by any means – electronic, photocopying or otherwise – without prior written permission of getAbstract Ltd. (Switzerland). 1 of 5 Cybersecurity and Cyberwar What Everyone Needs to Know P.W. Singer and Allan Friedman Oxford World’s Classics © 2014 306 pages [@]   Rating 9 Applicability 8 Innovation 8 Style 9   Focus Leadership & Management Strategy Sales & Marketing Finance Human Resources IT, Production & Logistics Career & Self-Development Small Business Economics & Politics Industries Global Business Concepts & Trends Take-Aways • In 2010, the computer security firm McAfee found new malware every 15 minutes. By 2013, it found a new example each second. • The Stuxnet worm provides a case study in bloodless cyberwarfare with no military or civilian casualties. • Stuxnet infiltrated Iran’s nuclear program through Iranian scientists’ flash drives and laptops, and adjusted engineers’ equipment to self-sabotage. • Civilians will suffer from cyberwar as combatants use civilian networks to wage war. • Cyberwarriors can compromise an enemy’s defense networks. • In a midnight raid in 2007, seven Israeli fighter jets bombed targets in Syria as the Syrian air-defense network sat silent. • This raid proved that a military could take control of an enemy’s systems and networks. • Some believe the US military should launch a Cyber Command to focus on technology. • Much of the discussion of cybersecurity policy involves classified information; civilian political leaders have little opportunity to shape the debate. • Cloud computing, mobile computing and big data will shape the future of cybersecurity. This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
  • 2. Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 2 of 5 getabstract Relevancegetabstract getabstract What You Will Learn In this summary, you will learn:r1) How cyberwar evolved, 2) How three strategies might curtail cybercrime and 3) How three trends will shape cybersecurity. getabstract Review P.W. Singer and Allan Friedman of the Brookings Institution reveal the mysteries of botnets and shed light on the murky areas of cyberwar and clandestine military operations. They detail fascinating episodes, such as the US- Israeli Stuxnet attack on Iranian nuclear engineers, an infiltration so stealthy the engineers didn’t even know it was happening. And, they tell businesses how to stay alert to their own security. Their other true accomplishment, meanwhile, is maintaining a light, entertaining tone. getAbstract recommends their fascinating study to students, coders, start-ups, historians, strategists, anyone in the military, and business owners and managers seeking insight into the defining security frontier of our time. getabstract getabstract Summarygetabstract getabstract getabstract “Indeed, we are so surrounded by computers that we don’t even think of them as ‘computers’ anymore.” getabstract getabstract “To cause true damage entails an understanding of the devices themselves: how they run, their engineering and their underlying physics.” getabstract Malware Every Second Cyberattacks and cyberterror are the dirty underbelly of cyberspace. In 2010, the McAfee computer security firm found new malware every 15 minutes. By 2013, it found a new example every second. The principles that make the Internet so powerful make it vulnerable to security threats. The bigger a network, the more useful it is to businesses, consumers, and anyone seeking a large audience or a broad market. Sadly, the bigger a network, also, the less secure it becomes. The fight against cybercrime can take some unexpected turns. Consider what happened when the FBI nabbed Estonian hackers who created a virus that infected some 570,000 computers. The FBI considered shutting down the scammers’ network, but that would have left hundreds of thousands of victims without Internet access. The FBI set up servers to keep the victims’ computers running. The Internet provides a low-cost venue for terrorists to reach the masses. For instance, al- Qaeda recruited followers by disseminating videos of Osama bin Laden’s speeches. Often, knowledgeable users can glean valuable tactical data, though sometimes that information ends up in the wrong hands. In 2007, US soldiers uploaded photos of new helicopters that had just arrived at their base in Iraq. Insurgents tapped into the “geotagging” feature of the smartphone photos to pinpoint the aircrafts’ location and launched a mortar attack that destroyed four of the helicopters. Stuxnet The Stuxnet attack unleashed by American and Israeli forces sabotaged Iran’s developing nuclear weapons program. Stuxnet’s precision and success offers a case study in cyberwar. The Stuxnet worm infiltrated Iran’s nuclear program through Iranian scientists’ flash drives and laptops. Once inside the Iranian computers, Stuxnet sought a specific program in the Siemens software. Unlike a missile attack, which would have created obvious damage, Stuxnet’s effect was almost invisible. The worm made small changes in the pressure inside Iranian centrifuges. The worm slowed and sped up rotors in the centrifuges, leaving them This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
  • 3. Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 3 of 5 getabstract “The Internet that we’ve all grown to love and now need is increasingly becoming a place of risk and danger.” getabstract getabstract “Cybersecurity is one of those areas that has been left to only the most technically inclined to worry their uncombed heads over.” getabstract getabstract “Cyberspace may be global, but it is not ‘stateless’ or a ‘global commons,’ both terms frequently used in government and media.” getabstract getabstract “The takeaway for cybersecurity is that the entire system is based on trust.” getabstract unable to produce refined uranium fuel. The worm nudged centrifuge speeds past their limits, causing them to break down. From the standpoint of the American and Israeli saboteurs, the beauty of this onslaught was that Iranian engineers had no idea they were under attack. The nature of Stuxnet led them to believe that the sporadic problems with their equipment sprang from manufacturing defects. The attack left engineers frustrated by their inability to create a nuclear weapon. Stuxnet successfully stalled Iran’s nuclear program, and it showed how opponents can fight a cyberwar. It points up the ethical advantages of cyberweapons. Air strikes against Iran’s nuclear factory might have led to civilian casualties, collateral damage and, possibly, all-out war. The Stuxnet worm damaged only the centrifuges. Many worms wreak hefty damage on the computers they infect. But the Stuxnet’s designers created it to be harmless in nearly every computer it invaded and to activate only when it found its specified software target. In contrast, in 1981, Israeli forces attacked an Iraqi nuclear research site, dropping 32,000 pounds of bombs. The casualties included 11 soldiers and civilians. A worm-as-a-weapon causes no human casualties at all. Stuxnet ushered in a new kind of international conflict with less-overt violence and greater confusion over exactly who led the assault. That confusion can be as powerful a weapon as the worm itself, now gone, since its creators designed it to expire in 2012. Cool War Unlike the Cold War, cyberwar is fuzzy. The Cold War featured two superpowers pursuing ideological goals. The Internet features millions of users going about their business and, given the mass of their sheer number, providing cyberattackers with camouflage. Nations can cyberseige their enemies constantly without ever firing a shot or engaging in open hostilities. Russia unleashed a binge of cyberbullying against Estonia in 2007 and stymied Estonia’s computer networks. Was this an act of aggression? NATO had no way to answer. The Washington treaty creating NATO dates from 1949 and does not address how to interpret virtual espionage that involves no armed conflict or physical contact. Cyberwar will not be entirely bloodless. Consider Operation Orchard. In a midnight raid in 2007, seven Israeli fighter jets flew into Syrian air space and dropped several bombs while the Syrian air-defense network sat silent. The reason? Prior to the attack, Israeli cyberwarriors hacked into the Syrian military’s computers. Able to see what the Syrians were doing, the Israelis projected a fake image of Syrian skies onto the Syrian defense systems during the raid. The Syrians never fired a shot, and Israel completed Operation Orchard with no losses. Such cybersabotage is now rampant, as US and Chinese spies constantly attempt to glean one another’s movement of weapons, resupply rates, ship positions and troop schedules. Operation Orchard represents the holy grail of such operations: It proved that a country’s military not only could spy on an enemy, but it could also take control of the enemy’s systems and networks. Collateral Damage While cyberwar promises to reduce casualties, it would be foolish to think that any kind of warfare will exact no collateral damage. Just as civilians account for 90% of the casualties in hot wars, the same ratio is likely to play out in cyberwar. For instance, enemy combatants might decide to attack the civilian networks that support military forces. In one war game at the Pentagon, a make-believe enemy hacked the civilian logistics network that supplied US soldiers. By deftly changing a few bar codes on shipping containers, the enemy made sure that the US soldiers on the battlefield received a shipping container full of toilet paper This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
  • 4. Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 4 of 5 getabstract “By focusing on an adversary’s information systems, China advances the idea that cyberattacks turn technical advantage into a liability.” getabstract getabstract “China isn’t just a looming superpower; it’s also home to the world’s largest number of Internet users.” getabstract getabstract “As we use phones and tablets more, the security risks are also going mobile.” getabstract getabstract “As the cyberworld has evolved, so too has terrorist groups’ use of it, especially in information operations.” getabstract rather than weapons. This provides just one example of how an enemy could use a civilian network to wage war. Among the obvious targets are ports, rail yards and arms factories that civilian contractors run. Such trickery offers the advantage of hampering an enemy without putting lives at risk. Civilian organizations typically have less-stringent cybersecurity than military computer networks. “Cyber Command” As cyberwar becomes the strategy of the future, some at the Pentagon believe the US military needs to launch its own Cyber Command that specializes in technical issues – just as, for instance, the US Air Force focuses on airborne warfare. Just like troops who consider land, air and sea as their specialized terrain, the troops in the Cyber Command would patrol cyberspace as an “operational domain.” Proponents of this strategy note that US soldiers train to wage the wars of the past, which victors won through a combination of sharpshooting, sky diving, hand-to-hand combat, and leading soldiers into battle. The US military doles out awards and decorations for yesterday’s combat skills – but, so far, it doesn’t bestow medals or badges to cyberwarriors. Gearing up to fight online is not a guarantee of success, of course. Just as US terror fighters battle insurgents whose identities and whereabouts are not obvious, cyberfighters face shadowy, stateless actors who take advantage of the Internet’s sprawling anonymity. They might launch a cyberattack in hopes of sparking a military response. Some worry that the doctrine of “equivalence” might mean that a virtual attack could elicit a deadly response in the real world. Another concern about readiness focuses on military strategy. The US Air Force’s budget for cyberoffense is more than double its earmark for cyberdefense. This illustrates a troubling trend: Creating a unit of secretive cyberspies who engage in glamorous-sounding exploits is sexy, but that approach undersells the importance of defense. Protecting cybernetworks and securing physical supply chains might be the best way to stabilize a nation’s Internet operations. Disturbingly, much of the construction of cybersecurity policy happens behind the cloak of classified discussion, giving civilian political leaders little opportunity to shape the debate or even to learn which options the government is considering. China’s Cyberwarriors The coming cool war invariably pits the United States against China. The Pentagon considers China the biggest perpetrator of cyberattacks. Chinese officials counter that China is not the aggressor but just another victim of stateless, lawless cybercriminals. They point to the skyrocketing attacks on Chinese computers and the reality that the botnets that hackers run have hijacked an estimated 10 million Chinese computers. The truth in the US-versus-China story is more nuanced than either side admits. Cybercriminals victimize Chinese computer users, but China’s cavalier attitude toward intellectual property enables such attacks. Most computers in China run pirated software, which means Chinese computer users cannot access regular security updates and patches that would protect them from malware. Attack on The New York Times The discovery by The New York Times that a group of Chinese cyberwarriors engaged in attacks on US companies debunked Chinese officials’ protestations. In 2013, the Second Bureau of China’s Third Army – known as the “Comment Crew” or the “Shanghai Group” – stole employee passwords to sneak into The New York Times’ computer networks. After This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET
  • 5. Cybersecurity and Cyberwar                                                                                                                                                          getAbstract © 2015 5 of 5 getabstract “Our most senior leaders, now in their 60s and 70s, likely did not even become familiar with computers until well into their careers and many still today have only the most limited experience with them.” getabstract getabstract “Cyberspace is so difficult to define...not only in its expansive, global nature, but also in the fact that the cyberspace of today is almost unrecognizable compared to its humble beginnings.” getabstract getabstract “Security costs money, but it also costs time, convenience, capabilities, liberties, and so on.” getabstract the paper discovered the breach, it reported that the Shanghai Group launched dozens of cyberattacks. Coca-Cola, the Pentagon and the United Nations were among the targets. The publicity embarrassed China, but the episode underscored a crucial precept of cyberwar: A less technically advanced combatant can turn its enemy’s technical edge into a disadvantage – or at least into an area for sabotage. Cybercrime Deterrents The Internet has become a dangerous place, but it doesn’t have to be. Several possible deterrents to cybercrime include: • Build a safe zone dubbed “.secure.” – Just as the Internet added an .xxx domain for pornography, it could create an alternative zone only for sites that adhere to the highest security standards. While imperfect, such a solution adds a layer of needed protection. • Create a CDC for cyberviruses – In 1947, the US created the Centers for Disease Control to track and contain public health threats. The CDC has proven effective at alerting the public to contagions. It could serve as a model for a similar agency that would keep tabs on threats from cyberspace and inform the populace. • Crack down on cyberpirates – For centuries, pirates sailed the high seas, looking for opportunities to plunder unsuspecting victims. Governments brought piracy under control only by cracking down on the markets where they sold their loot. For instance, governments targeted pirate havens such as Port Royal, Jamaica. Today’s cyberpirates offer a similar challenge. Trends of the Cyberfuture Because technology changes so rapidly and unexpectedly, predicting the future is tricky. Today’s state-of-the-art supercomputers quickly devolve into tomorrow’s obsolete piles of metal and microchips. Still, these trends seem likely to influence cybersecurity in the near future: • “Cloud computing” – Data no longer live on your desktop computer or in your corporate servers. Increasingly, businesses and government agencies upload their data to the cloud, where companies such as Amazon and Google store information on their servers. In theory, these cloud servers act as bank vaults: Instead of hiding your information where it may not be secure, you pay experts with a vested interest in ensuring safety to hold your data. Perhaps safer in some ways, cloud computing carries its own problems. Who protects your information as it travels from you to the server and back? • “Big data” – With computers playing such large roles in our lives, making sense of all the data we create is a big business with Big Brother overtones. Netflix is famous for using big data to recommend movies, with the downside that their recommendation algorithm can divine a subscriber’s sexual identity, whether or not he or she has told the world. • Mobile computing – As phones and tablets grow more powerful, so does the risk of using them. By early 2013, criminals had designed some 350,000 versions of malware to attack mobile devices. This cybersecurity niche didn’t even exist until recently. And, as always, those looking to attack remain one step ahead of those defending. getabstract getabstract About the Authorsgetabstract getabstract Peter Warren Singer directs the Brookings Institution’s Center for 21st Century Security and Intelligence. Allan Friedman is research director of Brookings’ Center for Technology Innovation. This summary is restricted to the personal use of Avirot Liangsiri (cisdavir@th.ibm.com) LoginContext[cu=1698525,asp=1320,subs=0,free=0,lo=en] 2015-01-25 20:15:54 CET