Copyright
Acquiring Editor: Chris Katsaropoulos
Development Editor: Benjamin Rearick
Project Manager: Malathi Samayan
Designer: Russell Purdy
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
Copyright 2013 Elsevier, Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Application submitted
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library.
ISBN: 978-0-12-404737-2
Printed in the United States of America
13 14 15 16 17 10 9 8 7 6 5 4 3 2 1
For information on all Syngress publications, visit our website at www.syngress.com
Dedication
We thank our families and friends for their guidance, support, and fortitude throughout this project. We dedicate this book to those in the security industry who are making the world a better place through efforts like Hackers for Charity (you may have seen their T-shirts: "i hack charities." For more information, go to http://hackersforcharity.org/). To those who are not, we say: get engaged!
Author Biography
Steve Winterfeld is the Chief Technology Officer (CTO) of TASC's Defense/Civil Business Group, as well as TASC's Cyber Tech Director and senior CyberWarrior instructor. During his career, he has supported a number of important cyber projects, most notably building the Computer Emergency Response Center (CERT) for US Army South, which is responsible for monitoring security in real time and conducting forensic investigations on intrusions, and developing the first Certification and Accreditation (C&A) approval for the Global Hawk Unmanned Aerial System (UAS). He holds CISSP, PMP, SANS GSEC, and Six Sigma certifications in addition to an M.S. in computer information systems.
Dr. Jason Andress (ISSAP, CISSP, GPEN, CISM) is a seasoned security professional with a depth of experience in both the academic and business worlds. In his present and previous roles, he has provided information security expertise to a variety of companies operating globally. He has taught undergraduate and graduate security courses since 2005 and conducts research in the area of data protection. He has written several books and publications covering topics including data security, network security, penetration testing, and digital forensics.
Introduction
Information in this chapter:
Book Overview and Key Learning Points
Book Audience
How this Book is Organized
Book Overview and Key Learning Points
This book is designed as an introduction to the strategic, operational, and tactical aspects of the conflicts in cyberspace today. This book is largely a higher-level view of the material in Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, published in 2011, and also includes updates regarding events that have happened since the publication of the first book.
The book shares two very different perspectives of the two authors on what many are calling cyber warfare today. One comes from a commercial background and the other brings the military viewpoint. The book is designed to help everyone understand the essentials of what is happening today, as well as provide a strong background on the issues we are facing.
This book is unique in that it provides the information in a manner that can be used to establish a strategic cybersecurity vision for an organization, but it is also designed to contribute to the national debate on where cyber is going.
Book Audience
This book will provide a valuable resource to those involved in cyber warfare activities regardless of where their focus is: policy makers, CEOs, CISOs, doctrinal developers, penetration testers, security professionals, network and system administrators, or college instructors. The information provided on cyber tactics and attacks can also be used to assist in engineering better and more efficient procedures and technical defenses.
Those in management positions will find this information useful as well, from the standpoint of developing better overall risk management strategies for their organizations. The concepts covered in this book will help determine how to allocate resources and can be used to drive security projects and policies in order to mitigate some of the larger issues discussed.
How this Book is Organized
This book is designed to take the reader through a logical progression for a foundational understanding of today's cyber battlespace, but the content and organization of the topics in this book are built as standalone modules of information. It is not necessary to read the book from front to back or even in any particular order. In the areas where we refer to information located in other chapters in the book, we have endeavored to point out where the information can be found. The following descriptions will provide an overview of the contents of each chapter:
Chapter 1: Cyber Threatscape
Chapter 1 is an overview of the cyber threatscape based on a graphical map, which lays out the Methodology and Resources and then shows the Attackers and Hackers that use them to beat the defenses (shown as a defensive mountain range) to get to the Valuable Data. The map is intended to show the interaction and complexity across the cyber domain. The hacker's methodology, tools, and processes listed are generally the same ones used by security professionals, though the security professional has (written) authorization to conduct attacks and operations.