Introduction to Cyber-Warfare: A Multidisciplinary Approach [Lingua inglese]

Front Cover
Introduction to Cyber-Warfare: A Multidisciplinary Approach
Copyright
Contents
Preface
Foreword
Introduction
	References
Biography
Chapter 1: Cyber Warfare: Here and Now
	What Is Cyber War?
	Is Cyber War a Credible Threat?
	Attribution, Deception, and Intelligence
		Origin
		Structure
		Purpose
	Information Assurance
	References
Part: I Cyber Attack
	Chapter 2: Political Cyber Attack Comes of Age in 2007
		Reliance on Information as a Vulnerability
		Rudimentary but Effective: Denial of Service
		Leaving Unwanted Messages: Web Site Defacement
		Tools for Denial of Service
		The Difficulty of Assigning Blame: Why Attribution Is Tough in a DDoS Attack
		Estonia Is Hit by Cyber Attacks
			The Estonian Government´s Response
			The End of the Attacks
		General Response to DDoS
		Summary
		Suggested Further Reading
		References
	Chapter 3: How Cyber Attacks Augmented Russian Military Operations
		The 2008 Russian Cyber Campaign Against Georgia
		What Is Interesting About the Russian Cyber Campaign
			Objectives of the Attack
			Coordination with Conventional Forces
			Reconnaissance and Preparation
			Attribution
		Preparing for a Cyber-Capable Adversary
			Cyber as a Battlefield Operating System
			The Cyber Aspect of the Area of Interest
			Cyber Reconnaissance and Surveillance (R&S)
		Summary
		Suggested Further Reading
		References
	Chapter 4: When Who Tells the Best Story Wins: Cyber and Information Operations in the Middle East
		Hijacking Noncombatant Civilian IP Addresses to Help the War Effort: The Israel-Hezbollah ``July War´´ of 2006
			The Information Operations of Hezbollah
			Hezbollah Hijacks IP Addresses
		Civilians in the Cyber Melee: Operation Cast Lead
			IO and Cyber Warfare in the 2008 Israel-Hamas War
		Summary
		Suggested Further Reading
		References
	Chapter 5: Limiting Free Speech on the Internet: Cyber Attack Against Internal Dissidents in Iran and Russia
		DDoS as a Censorship Tool: Why Dissident Groups Are Inherently Vulnerable to Cyber Attacks
		Silencing Novaya Gazeta and Other Russian Dissidents
			Moving to LiveJournal
			Possible Motivation for the 2011 DDoS
			The Optima/Darkness Botnet
			The ``March(es) of Millions´´
		Iran-How the 2009 Elections Led to Aggressive Cyber Operations
			The 2009 Elections
			The Iranian Cyber Army (ICA)
			ICA: Beyond Domain Name Hijacking
			Who Controls the ICA?
			Alleged Iranian Botnet Strikes
			The Iranian Cyber Police
		Summary
		References
	Chapter 6: Cyber Attacks by Nonstate Hacking Groups: The Case of Anonymous and Its Affiliates
		``Chaotic´´ Beginnings: The Chaos Computer Club, CCC
		The Roots of the Anon-4chan, 7chan, and Other Message Boards
		How We Are Influenced by 4chan: Memes
		Anonymous-On Image, Structure, and Motivation
		Anonymous-External Connections and Spin Offs
		Your Security Is a Joke: LulzSec
		Anonymous´ Modus Operandi
		Targeting Governments, Corporations, and Individuals: Notable Hacks on Anonymous
			Habbo Hotel Raids
			Internet Vigilantism
			Project Chanology
			Arab Spring
			HBGary Federal and Aaron Barr
			Straightforward Operations
		Software for the Legion: Anonymous Products
			AnonTune
			AnonPaste
			Anonymous-OS 0.1/Live
		Summary
		Suggested Further Reading
		References
Part II: Cyber Espionage and Exploitation
	Chapter 7: Enter the Dragon: Why Cyber Espionage Against Militaries, Dissidents, and Nondefense Corporations Is a Key Com ...
		Introduction
		Why Cyber Espionage Is Important to China: A Look at Chinese Cyber Doctrine
			Two Examples on Chinese Strategic Thought
			From Active Defense to Active Offense
			The Three Warfares
			The Art of War
		Leveraging Resources Beyond the Military: The Cyber Warriors of China
			INEW and Cyber in the PLA
			The Chinese Hacker Community: From Black Hat to White Hat
			Chinese Academia and Hacking
		Stealing Information from the U.S. Industrial-Military Complex: Titan Rain
			Cyber Reconnaissance: Footprinting, Scanning, and Enumeration
			Titan Rain Dissected
				They Never Hit a Wrong Key
				Indication of Chinese Involvement
		Cyber War Against the Corporate World: A Case Study of Cyber Intrusion Attributed to China
			Reconnaissance and Initial Entry
			Movement of Data on Company Y´s Network
			Exfiltration of the Stolen Data
			Evidence of Chinese Involvement
		Monitoring Dissidents: Gh0stNet
			The Cycle of Cyber Operations Applied to APT
			Using Social Engineering and Malware to Perform Consolidation
			Harvesting Data from the Compromised Systems
			Hints of PRC Involvement
		Using Legitimate Web Sites for Data Exfiltration: The Shadow Network
			Leveraging Legitimate Web Sites for Data Exfiltration
			Targets of the Shadow Network
			Clues of Chinese Involvement in the Shadow Network
		Cyber War Through Intellectual Property Theft: Operation Aurora
			Trojan.Hydraq
			Theft of Intellectual Property
			Indicators of PRC Involvement
		An Example of the Current State of the Art: Sykipot
		Summary
		Suggested Further Reading
		References
	Chapter 8: Duqu, Flame, Gauss, the Next Generation of Cyber Exploitation
		Introduction
		Kernel Mode Rootkits
		Vulnerabilities in the Operating System
		Stolen Keying Material
		Commonalities Between Stuxnet and Duqu
		Information-Stealing Trojans
		The Geography of Duqu
		TDL3 and Other Malware
		Object-Oriented Malware: Stuxnet, Duqu, Flame, and Gauss
			Flame: King-Sized Malware
			Gauss: Malware to Monitor Financial Transactions
			Relationships Among Object-Oriented Malware
		Summary
		Suggested Further Reading
		References
	Chapter 9: Losing Trust in Your Friends: Social Network Exploitation
		Introduction
		Do You Really Know All Your LinkedIn Connections? Imposters in Social Networks
			Duping Corporations and Military Personnel: Robin Sage
			The Dangers of Transitive Trust
			Getting Your Personal Data Compromised While Trying to Impress the Boss: The Case of the SACEUR Imposter
		Designing Common Knowledge: Influencing a Social Network
			How the Syrian Electronic Army Attacked Rivals on Facebook
			The Future of Influencing Social Networks
		Summary
		Suggested Further Reading
		References
	Chapter 10: How Iraqi Insurgents Watched U.S. Predator Video-Information Theft on the Tactical Battlefield
		Introduction
		The Predator UAV
		Hacking the Predator Feed
			The Predator´s Vulnerability
				Wireless Networks
			Attribution and the Kata´ib Hezbollah
			The History of the Predator Vulnerability
		Summary
		Suggested Further Reading
		References
Part III: Cyber Operations for Infrastructure Attack
	Chapter 11: Cyber Warfare Against Industry
		Introduction
		Industrial Control Systems: Critical Infrastructure for Modern Nations
		Information Technology vs. Industrial Control Systems: Why Traditional Infosec Practices May Not Apply
		How Real-World Dependencies Can Magnify an Attack: Infrastructure Attacks and Network Topology
		How a Cyber Attack Led to Water Contamination: The Maroochy Water Breach
		Summary
		Suggested Further Reading
		References
	Chapter 12: Can Cyber Warfare Leave a Nation in the Dark? Cyber Attacks Against Electrical Infrastructure
		Introduction
		Cyber Attacks Directed Against Power Grids
			Access
			Discovery
			Control
		Destroying a Generator with a Cyber Attack: The Aurora Test
			Implementing an Aurora-Style Attack
		Taking the Power Grid Offline with Minimal Effort: Attacks Leveraging Network Topology
			Targeting Key Transmission Substations
			Causing Cascading Failure
			Dependencies on Computer Networks Can Lead to Cascading Failure
		Summary
		Suggested Further Reading
		References
	Chapter 13: Attacking Iranian Nuclear Facilities: Stuxnet
		Introduction
		The Alleged Target: The Natanz Fuel Enrichment Facility
		How Stuxnet Targets Industrial Control Systems
		Stuxnet Successfully Targets the Natanz Fuel Enrichment Plant
			Stuxnet Was Predominantly Found in Iran
			Stuxnet Source Code Resembles the Cascade Configuration at Natanz
			The Effectiveness of Stuxnet Against the Natanz Facility
			Reactions on Stuxnet from the Iranian Regime
			Was Natanz the Sole Target of Stuxnet?
		Stuxnet Is a Significant Advancement in Malware
		Stuxnet Invalidates Several Security Assumptions
		Implications for the Future
		Summary
		Suggested Further Reading
		References
Conclusion and the Future of Cyber Warfare
	References
Appendix I: Chapter 6: LulzSec Hacktivities
	References
Appendix II: Chapter 6: Anonymous Timeline
	References
Glossary
Index