Jeffrey Carr - Inside Cyber Warfare: Mapping the Cyber Underworld

Copyright 2009 Jeffrey Carr

This book uses RepKover, a durable and flexible lay-flat binding.

OReilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (.

Nutshell Handbook, the Nutshell Handbook logo, and the OReilly logo are registered trademarks of OReilly Media, Inc. Inside Cyber Warfare, the image of light cavalry, and related trade dress are trademarks of OReilly Media, Inc.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and OReilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps.

While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

I was recently invited to participate in a cyber security dinner discussion by a few members of a well-known Washington D.C. think tank. The idea was that we could enjoy a fine wine and a delicious meal while allowing our hosts to pick our brains about this cyber warfare stuff. It seems that the new threatscape emerging in cyberspace has caught them unprepared and they were hoping we could help them grasp some of the essentials in a couple of hours. By the time we had finished dinner and two bottles of a wonderful 2003 red, one of the Fellows in attendance was holding his head in his hands, and it wasnt because of the wine.

International acts of cyber conflict (commonly but inaccurately referred to as cyber warfare) are intricately enmeshed with cyber crime, cyber security, cyber terrorism, and cyber espionage. That web of interconnections complicates finding solutions because governments have assigned different areas of responsibility to different agencies which historically do not play well with others. Then there is the matter of political will. When I signed the contract to write this book, President Obama had committed to make cyber security a top priority in his administration. Seven months later, as I write this introduction, cyber security has been pushed down the priority ladder behind the economy and health care, and the position of cyber coordinator, who originally was going to report directly to the President, must now answer to multiple bosses with their own agendas. A lot of highly qualified candidates have simply walked away from a position that has become a shadow of its former self. Consequently, we all find ourselves holding our heads in our hands more often than not.

Cyberspace as a warfighting domain is a very challenging concept. The temptation to classify it as just another domain, like air, land, sea, and space, is frequently the first mistake thats made by our military and political leaders and policy makers.

I think that a more accurate analogy can be found in the realm of science fictions parallel universesmysterious, invisible realms existing in parallel to the physical world, but able to influence it in countless ways. Although thats more metaphor than reality, we need to change the habit of thinking about cyberspace as if its the same thing as meat space.

After all, the term cyberspace was first coined by a science fiction writer. My own childhood love affair with science fiction predated William Gibsons 1984 novel Neuromancer , going all the way back to The New Tom Swift Jr. Adventures series, which was the follow-up to the original series of the early 1900s. By some quirk of fate, the first Tom Swift Jr. book was published in 1954 (the year that I was born) and ceased publication in 1971 (the year that I left home for college). Although the young inventor didnt have cyberspace to contend with, he did have the Atomic Earth Blaster and the Diving Sea Copter. In an otherwise awful childhood, the adventures of Tom Swift Jr. kept me feeling sane, safe, and excited about the future until I was old enough to leave home and embark on my own adventures.

Now, 38 years later, I find myself investigating a realm that remains a sci-fi mystery to many leaders and policy makers of my generation, while younger people who have grown up with computers, virtual reality, and online interactions of all kinds are perfectly comfortable with it. For this reason, I predict that the warfighting domain of cyberspace wont truly find its own for another five to eight years, when military officers who have grown up with a foot in both worlds rise to senior leadership roles within the Department of Defense.