Most books on cyber warfare look at the subject area from a purely technical perspective. This book’s coverage of the macro issues associated with cyber war--including international law, involvement of organized crime, and state machinery--sets it apart from others in the field.
Chapter 1 provides an introduction to the problem of warfare in cyberspace by referencing recent incidents involving nonstate hackers from countries such as China, Russia, Israel, and Iran. Chapter 2 looks at some of these well-known hackers and follows up with a discussion on whether these nonstate actors are protected within a nation’s legal system. Chapter 3 discusses the legal status of cyber warfare and existing thoughts on how cyber warfare can be governed by the existing laws of armed conflict. The next chapter covers various issues associated with this matter in a detailed, in-depth way. It places specific emphasis on the use of active defense to thwart cyber attacks, and its strength lies in its strong analysis of cyber war scenarios. It tackles the contentious issue of nonstate actors and the need to impute state responsibility for their acts.
Chapter 5 discusses the investigation and analysis performed by Project Grey Goose--in which the author participated--on two cyber attacks: the attacks against US and South Korean government Web sites in 2009, and the LiveJournal and Twitter distributed denial-of-service (DDoS) attacks in August 2009. It also proposes a new approach to conducting cyber intelligence, taking into account unique issues associated with cyberspace and cyber warfare. Chapter 6 looks at hackers’ use of social Web tools, such as Twitter, Facebook, and MySpace, to collect personal information about potential attack targets, and how these tools are then used to mount targeted attacks. Chapter 7 explains how the process of following the money trail created by arranging the logistics of launching an attack can be used to track down the culprits, while chapter 8 discusses the involvement of organized crime in cyber warfare, with an emphasis on Russian organized crime.
Chapter 9 takes a quick look at some basic network forensics tools available to investigators. Subsequent chapters cover malware, foreign approaches, an early warning model, and advice to policy makers.
The book has some failings. While it covers good ground, it falls short of a scholarly work, mainly due to the unequal depth of analysis of the various issues.