Cyberespionage, cyberwar, cybersecurity

Cyber-espionage and cyber-war are important forms of crime and conflict in the 21st century.  Here are resources to help you understand and prepare.

(1)  Posts by Marcus Ranum about cyber-espionage and cyberwar

  1. Obama knows how to lead America by exploiting our fears — About cyberwar.
  2. Cyberwar: a Whole New Quagmire.  Part 1: The Pentagon Cyberstrategy.
  3. “Do as I say, not as I do” shall be the whole of the law.
  4. Conflating Threats.
  5. About Stuxnet‏, the next generation of warfare?, 29 September 2011 – Introducing Stuxnet and some of the issues surrounding practical malware-based warfare.
  6. Cyberwar: a Whole New Quagmire – When the Drones Come To Roost.
  7. About Attribution (identifying your attacker).
  8. You must Be >this< Tall To Play Cyberwar (has DoD grown enough yet?).
  9. Parsing Cyberwar – Part 1: The Battlefield.
  10. Parsing Cyberwar – Part 2: The Logistical Train.
  11. Parsing Cyberwar – Part 3:Synergies and Interference.
  12. Parsing Cyberwar – Part 4: The Best Defense is a Good Defense.
  13. Cyberwar, the Power of Nightmares.
  14. How do we identify our attackers in cyberspace?
  15. The horror of cyberspace: we can’t easily identify our attackers.
  16. The Best Defense Is a Strong Defense. Never Fight a Land War in Cyberspace.

(2)  A series by Edwin Covert

  1. Cyber Terrorism as a Strategy.
  2. Selling Fear: How Cyber Terrorism is Being Portrayed.
  3. Unraveling the Complexities of Cyber Terrorism.
  4. Consequences of Overstating the Cyber Terrorism Threat.

(3)  A series by Emilio Iasiello

  1. Identifying the guilty: tying nation states to cyber espionage,
  2. Russia’s Propaganda Trolls become a power in cyberspace.
  3. The new frontier: Even Developing Nations Do Cyber Spying.
  4. Debunking the hysteria about cyberterrorism. Some sensible advice.
  5. Is the best defense a strong offense in cybersecurity?
  6. About Anonymous – an emerging cyberpower.
  7. Complacency in Cyberspace May Be Our Biggest Vulnerability.
  8. We Must Stop The Race to Attribution After Each Cyberattack.
  9. China is buying U.S. Companies. What secrets do they get?
  10. The US & Russia: Cyber-cooperation against common foes.
  11. U.S. Cyber Command Attacks ISIS. Slow Progress. Few Results.
  12. The Internet of Things attacks. If we don’t do better, we will get hurt.

(4)  About the Sony hack

  1. Another day, another campaign of fearmongering in America: North Korea’s cyberattack on Sony., 18 December 2014.
  2. The FBI told their story about North Korea attacking Sony. Before we retaliate, read what they didn’t tell you., 20 December 2014.
  3. Why do we believe, when the government lies to us so often? When we change, the government also will change., 22 December 2014.
  4. See how the news shapes our beliefs about the North Korea hack, 23 December 2014.

(5)  About the OPM hack

(6)  Other posts about cyber-related issues

(7) Good books about this new frontier

(8)  For More Information

  1. Journal of Law & Cyber Warfare.
  2. Review of “Countdown To Zero Day”, describing the new era of war, preparing you for the next attack.
  3. Cyberwar is Coming!”, John Arquilla and David Ronfeldt, Comparative Strategy, Spring 1993 — republished by RAND report (pdf).
  4. War Logs On: Girding America for Computer Combat“, Bruce D. Berkowitz (RAND, coauthor of Best Truth: Intelligence in the Information Age), Foreign Affairs, May/June 2000 — “In Kosovo, America stumbled into the age of computer warfare. Now Washington must think hard about how to attack its foes’ electronic networks and defend its own.”
  5. “Assessing the Risks of Cyber Terrorism, Cyber War and Other Cyber Threats“, James A. Lewis, Center for Strategic and International Studies, December 2002.
  6. The Use, Misuse, and Abuse of Statistics in Information Security Research“, Julie J.C.H. Ryan, George Washington University, 2003 — Slide presentation here.
  7. Unsecured Economies, and Overly-secured Reports“, Jackie Rees and Karthik Kannan, Center for Education and Research in Information Assurance and Security (CERIAS), Purdue U, 30 January 2009.
  8. Securing the Information Highway – How to Enhance the United States’ Electronic Defenses“, Wesley K. Clark and Peter L. Levin, Foreign Affairs, November/December 2009.
  9. Defending a New Domain – The Pentagon’s Cyberstrategy“, William J. Lynn III, Foreign Affairs, September/October 2010.
  10. Science of Cyber-Security“, JASON Defense Advisory Panel, November 2010 — This examines the theory and practice of cyber-security, and evaluates whether there are underlying fundamental principles that would make it possible to adopt a more scientific approach.
  11. The Online Threat. Should we be worried about a cyber war?“, Seymour M. Hersh, The New Yorker, 1 November 2010.
  12. Underground Economies – Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency“, McAfee and SAIC, 2011.
  13. Reducing Systemic Cybersecurity Risk”, Peter Sommer (London School of Economics) and Ian Brown (Oxford), OECD, 14 January 2011.
  14. Sex, Lies and Cybercrime Surveys“, Dinei Florencio and Cormac Herley, Microsoft Research, June 2011.
  15. The Wrong War: The Insistence on Applying Cold War Metaphors to Cybersecurity Is Misplaced and Counterproductive“, Peter W. Singer and Noah Shachtman, Brookings Institute, 15 August 2011 — Both authors are with the 21st Century Defense Initiative.
  16. The Calm Before the Storm“, Joel Brenner, Foreign Policy, 6 September 2011 — “Cyberwar is already happening — and it’s about to get much, much worse. A veteran cyberwarrior explains how America can prepare itself.”
  17. Cyber War: Reality or Hype?“, Conn Hallinan, Foreign Policy in Focus, 11 January 2012
  18. Cyber-Weapons”, Thomas Rid (Kings College) and Peter McBurney, The RUSI Journal, February 2012.
  19. Cyber War Will Not Take Place“, Thomas Rid (Kings College), Journal of Strategic Studies, February 2012.
  20. Think Again: Cyberwar“, Thomas Rid (Kings College), Foreign Policy, March/April 2012 — “Don’t fear the digital bogeyman. Virtual conflict is still more hype than reality.”
  21. Does Cybercrime Really Cost $1 Trillion?“, by Peter Maass and Megha Rajagopalan, ProPublica, 1 August 2012.
  22. CSI: Cyber-Attack Scene Investigation–a Malware Whodunit” by Larry Greenemeier, Scientific American, 28 January 2016 — “Although the method of a hack attack can be deciphered, the culprits often remain a mystery.”




2 replies »

  1. You should add a link to, which is the most ‘notorious’ hacker publication/web-site.

    Readers interested in this subject would be well advised to read the last couple of editions of this publication (which is a quarterly), to better gain insight into “hacker” mindsets and viewpoints.


    A. Scott Crawford


Leave a comment & share your thoughts...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s