Cyberwar & cybersecurity

Cyber-espionage and cyber-war are important forms of crime and conflict in the 21st century.  Here are resources to help you understand and prepare.

Contents

1. Various posts about Cyber.
2. A series by Edwin Covert
3. A series by Emilio Iasiello
4. About the Sony hack
5. About the OPM hack
6. About Russia “hacking” the 2016 election
7. For More Information

(1)  Various posts about Cyber.

1. Cybercrime: Now More Profitable Than The Drug Trade.
2. Bitcoin, the deep web, & the big conflicts of the 21st C.
3. How would Sun Tzu defend computer systems? Poorly. A new era needs new thinking. — by Steve Tornio and Brian Martin.
4. Advice from Sun Tzu and John Boyd on winning at cyberwar — By Chet Richards.
5. Stratfor: it’s the breakout year for cybercrime! How do we fight it?
6. Stratfor looks back at 2016, the breakout year for cybercrime.
7. Stratfor untangles the web of Russia’s cyber operations.
8. Skip the hysteria. What you need to know about the big ransomware attack.
9. Determining guilt in cyberspace: difficult now, but there’s hope for the future. – by James Palazzol.
10. The Russian cyberattack on the world that wasn’t (again).
11. About the first cyberwar, an electronic Pearl Harbor.
12. America hated ‘Pearl Harbor’ – so we do it again & again.

(2)  A series by Edwin Covert

1. Cyber Terrorism as a Strategy.
2. Selling Fear: How Cyber Terrorism is Being Portrayed.
3. Unraveling the Complexities of Cyber Terrorism.
4. Consequences of Overstating the Cyber Terrorism Threat.

(3)  A series by Emilio Iasiello

1. Identifying the guilty: tying nation states to cyber espionage,
2. Russia’s Propaganda Trolls become a power in cyberspace.
3. The new frontier: Even Developing Nations Do Cyber Spying.
4. Debunking the hysteria about cyberterrorism. Some sensible advice.
5. Is the best defense a strong offense in cybersecurity?
6. About Anonymous – an emerging cyberpower.
7. Complacency in Cyberspace May Be Our Biggest Vulnerability.
8. We Must Stop The Race to Attribution After Each Cyberattack.
9. China is buying U.S. Companies. What secrets do they get?
10. The US & Russia: Cyber-cooperation against common foes.
11. U.S. Cyber Command Attacks ISIS. Slow Progress. Few Results.
12. The Internet of Things attacks. If we don’t do better, we will get hurt.

(4)  About the Sony hack

1. Another day, another campaign of fearmongering in America: North Korea’s cyberattack on Sony., 18 December 2014.
2. The FBI told their story about North Korea attacking Sony. Before we retaliate, read what they didn’t tell you., 20 December 2014.
3. Why do we believe, when the government lies to us so often? When we change, the government also will change., 22 December 2014.
4. See how the news shapes our beliefs about the North Korea hack, 23 December 2014.

(5)  About the OPM hack

1. About the theft of the Federal government’s personnel records: sorting fact from fiction.
2. Seeing behind the headlines about China’s attack, stealing the governments’ jewels.
3. Fight the hysteria about the hack of OPM’s files. It’s probably not a big threat.
4. Remember the world-shaking effects of the March 2014 OPM hack!

(6)  About Russia “hacking” the 2016 election

1. Exposing the farcical claims about Russian hacking of the election.
2. Debunking the Reality Winner leak about Russia hacking the election.
3. The verdict on the stories of Russian hacking in the 2016 election.
4. The bottom line about RussiaGate: no explanation makes sense.
5. Secrets untold about the DNC hack, the core of RussiaGate.

(7)  Good books about this new frontier

1. Kevin Mitnick’s Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker.
2. Andy Greenberg’s This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World’s Information.
3. Brian Krebs’ Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door.
4. Kim Zetter’s Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, describing the new era of war and preparing you for the next attack (see a review here).

(8)  For More Information

1. Journal of Law & Cyber Warfare.
2. Review of “Countdown To Zero Day”, describing the new era of war, preparing you for the next attack.
3. “Cyberwar is Coming!”, John Arquilla and David Ronfeldt, Comparative Strategy, Spring 1993 — republished by RAND report (pdf).
4. “War Logs On: Girding America for Computer Combat“, Bruce D. Berkowitz (RAND, coauthor of Best Truth: Intelligence in the Information Age), Foreign Affairs, May/June 2000 — “In Kosovo, America stumbled into the age of computer warfare. Now Washington must think hard about how to attack its foes’ electronic networks and defend its own.”
5. “Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats“, James A. Lewis, Center for Strategic and International Studies, December 2002.
6. “The Use, Misuse, and Abuse of Statistics in Information Security Research“, Julie J.C.H. Ryan, George Washington University, 2003 — Slide presentation here.
7. “Unsecured Economies, and Overly-secured Reports“, Jackie Rees and Karthik Kannan, Center for Education and Research in Information Assurance and Security (CERIAS), Purdue U, 30 January 2009.
8. “Securing the Information Highway – How to Enhance the United States’ Electronic Defenses“, Wesley K. Clark and Peter L. Levin, Foreign Affairs, November/December 2009.
9. Defending a New Domain – The Pentagon’s Cyberstrategy“, William J. Lynn III, Foreign Affairs, September/October 2010.
10. “Science of Cyber-Security“, JASON Defense Advisory Panel, November 2010 — This examines the theory and practice of cyber-security, and evaluates whether there are underlying fundamental principles that would make it possible to adopt a more scientific approach.
11. “The Online Threat. Should we be worried about a cyber war?“, Seymour M. Hersh, The New Yorker, 1 November 2010.
12. “Underground Economies – Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency“, McAfee and SAIC, 2011.
13. “Reducing Systemic Cybersecurity Risk”, Peter Sommer (London School of Economics) and Ian Brown (Oxford), OECD, 14 January 2011.
14. “Sex, Lies and Cybercrime Surveys“, Dinei Florencio and Cormac Herley, Microsoft Research, June 2011.
15. “The Wrong War: The Insistence on Applying Cold War Metaphors to Cybersecurity Is Misplaced and Counterproductive“, Peter W. Singer and Noah Shachtman, Brookings Institute, 15 August 2011 — Both authors are with the 21st Century Defense Initiative.
16. “The Calm Before the Storm“, Joel Brenner, Foreign Policy, 6 September 2011 — “Cyberwar is already happening — and it’s about to get much, much worse. A veteran cyberwarrior explains how America can prepare itself.”
17. “Cyber War: Reality or Hype?“, Conn Hallinan, Foreign Policy in Focus, 11 January 2012
18. “Cyber-Weapons”, Thomas Rid (Kings College) and Peter McBurney, The RUSI Journal, February 2012.
19. “Cyber War Will Not Take Place“, Thomas Rid (Kings College), Journal of Strategic Studies, February 2012.
20. “Think Again: Cyberwar“, Thomas Rid (Kings College), Foreign Policy, March/April 2012 — “Don’t fear the digital bogeyman. Virtual conflict is still more hype than reality.”
21. “Does Cybercrime Really Cost $1 Trillion?“, by Peter Maass and Megha Rajagopalan, ProPublica, 1 August 2012.
22. “CSI: Cyber-Attack Scene Investigation–a Malware Whodunit” by Larry Greenemeier, Scientific American, 28 January 2016 — “Although the method of a hack attack can be deciphered, the culprits often remain a mystery.”