The Basics of Cyber Warfare
Understanding the Fundamentals of Cyber Warfare in Theory and Practice

Steve Winterfeld
Jason Andress

Technical Editor
Andrew Hay

AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO

Syngress is an Imprint of Elsevier

Contents

Dedication
Author Biography

Chapter 1 Cyber Threatscape

How Did We Get Here?
Attack Methodology Plus Tools/Techniques Used
Attackers (The Types of Threats)
How Most Organizations Defend Today (Defensive Mountain Range)?
Targeted Capabilities (What We Should be Defending)
Summary

Chapter 2 Cyberspace Battlefield Operations

What is Cyber Warfare?
Definition for Cyber Warfare
Tactical and Operational Reasons for Cyber War
Cyber Strategy and Power
Cyber Arms Control
Cyber War - Hype or Reality
Boundaries in Cyber Warfare
Defense in Depth
Computer Controlled Infrastructure
Organizational View
Where Cyber Fits in the War-Fighting Domains
Land
Sea
Air
Space
Cyber Domain
Summary

Chapter 3 Cyber Doctrine

Current US Doctrine
US Forces
US Air Force
US Navy
US Army
DoD INFOCONs
Sample Doctrine / Strategy From Around the World
Chinese Doctrine
Other Asian countries
European Countries
Private or Mercenary Armies
Some Key Military Principles that Must be Adapted to Cyber Warfare
Intelligence Preparation of the Operational Environment (IPOE)
Joint Munitions Effectiveness Manual (JMEM)
Measures of Effectiveness (MOE)
Battle Damage Assessment (BDA)
Close Air Support (CAS)
Counterinsurgency (COIN)
Summary

Chapter 4 Tools and Techniques

Logical Weapons
Reconnaissance Tools
Scanning Tools
Access and Escalation Tools
Exfiltration Tools
Sustainment Tools
Assault Tools
Obfuscation Tools
Physical Weapons
How the Logical and Physical Realms are Connected
Infrastructure Concerns
Supply Chain Concerns
Tools for Physical Attack and Defense
Summary

Chapter 5 Offensive Tactics and Procedures

Computer Network Exploitation
Intelligence and Counter-intelligence
Reconnaissance
Surveillance
Computer Network Attack
Waging War in the Cyber Era
The Attack Process
Summary

Chapter 6 Psychological Weapons

Social Engineering Explained
Is Social Engineering science?
SE Tactics Techniques and Procedures (TTPs)
Types of SE approaches
Types of SE methodologies
How the Military Approaches Social Engineering
Army Doctrine
How the Military Defends against Social Engineering
How the Army Does CI
An Air Force Approach
Summary

Chapter 7 Defensive Tactics and Procedures

What We Protect
Confidentiality, Integrity, Availability (CIA)
Authenticate, Authorize, and Audit
Security Awareness and Training
Awareness
Training
Defending Against Cyber Attacks
Policy and Compliance
Surveillance, Data Mining, and Pattern Matching
Intrusion Detection and Prevention
Vulnerability Assessment and Penetration Testing
Disaster Recovery Planning
Defense in Depth
Summary

Chapter 8 Challenges We Face

Cybersecurity Issues Defined
Policy
Processes
Technical
Skills
People
Organization
Core (Impacting All Areas)
Interrelationship of Cybersecurity Issues
Way Ahead
Summary

Chapter 9 Where is Cyber Warfare Headed?

Technology-Based Trends
Policy-Based Trends
How to Defend in Today's Contested Virtual Environment
Summary

INDEX
