Cyber Warfare : Techniques, Tactics and Tools for Security Practitioners.
Title:
Cyber Warfare : Techniques, Tactics and Tools for Security Practitioners.
Author:
Andress, Jason.
ISBN:
9780124166332
Edition:
2nd ed.
Physical Description:
1 online resource (325 pages)
Contents:
Front Cover -- Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners -- Copyright -- Contents -- Acknowledgments -- Foreword -- Why a Book on Cyber Warfare Is Important -- Why Should You Read This Book -- References -- Introduction -- Book Overview and Key Learning Points -- Book Audience -- How this Book is Organized -- Chapter 1: What is Cyber Warfare? -- Chapter 2: Cyber Threatscape -- Chapter 3: The Cyberspace Battlefield -- Chapter 4: Cyber Doctrine -- Chapter 5: Cyber Warriors -- Chapter 6: Logical Weapons -- Chapter 7: Physical Weapons -- Chapter 8: Psychological Weapons -- Chapter 9: Computer Network Exploitation -- Chapter 10: Computer Network Attack -- Chapter 11: Computer Network Defense -- Chapter 12: Non-State Actors in Computer Network Operations -- Chapter 13: Legal System Impacts -- Chapter 14: Ethics -- Chapter 15: Cyberspace Challenges -- Chapter 16: The Future of Cyber War -- Appendix: Cyber Timeline -- Conclusion -- Chapter 1: What is Cyber Warfare? -- What is Cyber Warfare? -- Background -- Definition for Cyber Warfare -- Tactical and Operational Reasons for Cyber War -- Cyber Strategy and Power -- Cyber Arms Control -- What is the United States Doing about the Threat of a Cyber War? -- Have We Seen a Cyber War? -- Case Studies -- The Debate (is it Real?) -- Why Cyber Warfare is Important -- Summary -- References -- Chapter 2: Cyber Threatscape -- How Did We Get Here? -- Attack Methodology with the Tools and Techniques Used to Execute Them -- Mapping Sample of Well-known Tools to the Process -- Attackers (Major Categories of Threats) -- Advanced Persistent Threat -- Organized Crime -- Insider Threat -- Hacktivist -- Script Kiddies/Noobs -- Defense in Depth-How Organizations Defend Today (Defensive Mountain Range) -- What the Threat is After (What We Should Focus on Defending) -- Summary -- References.

Chapter 3: The Cyberspace Battlefield -- Boundaries in Cyber Warfare -- Defense in Depth -- Physical Infrastructure -- Organizational View -- Where Cyber Fits in the War-Fighting Domains -- Land Domain -- Sea Domain -- Air Domain -- Space Domain -- Cyber Domain -- Combined Arms -- Review of the Threat Actors -- Most Active Threats -- Most Dangerous Threats -- Motivations -- Fielding Systems at the Speed of Need -- Summary -- References -- Chapter 4: Cyber Doctrine -- Current U.S. Doctrine -- U.S. Forces -- Joint Doctrine -- U.S. Air Force -- U.S. Navy -- U.S. Army -- DoD INFOCONs -- Sample Doctrine/Strategy from Around the World -- Background -- Chinese Doctrine -- Other Asian Countries -- European Countries -- Private or Mercenary Armies -- Key Military Principles That Must be Adapted to Cyber Warfare -- Intelligence Preparation of the Operational Environment -- Joint Munitions Effectiveness Manual -- Measures of Effectiveness -- Battle Damage Assessment -- Close Air Support -- Counterinsurgency -- Guidance and Directives -- Comprehensive National Cybersecurity Initiative -- Department of Homeland Security -- Homeland Security/Presidential Directives -- National Institute of Standards and Technology -- Academia and Industry Associations -- Operations and Exercises -- Federal Exercises -- DoD Exercises -- Educational Exercises -- Sample MESLs -- Summary -- References -- Chapter 5: Cyber Warriors -- What Does a Cyber Warrior Look Like? -- Certifications -- Education and Training -- Education -- Training -- Experience and Skills -- Differences from Traditional Forces -- Age -- Attitude -- Physical Condition -- Credentials -- Present Cyber Warfare Forces -- U.S. -- U.S. Cyber Command -- China -- Russia -- France -- Israel -- Brazil -- Singapore -- South Korea -- North Korea -- Australia -- Malaysia -- Japan -- Canada -- United Kingdom.

Other Countries with Cyber Forces -- Corporate -- Criminal -- Staffing for Cyber War -- Sources of Talent -- Training the Next Generation -- The Training Paradigm -- Teaching the Needed Skills -- Issues in Training for Cyber Warfare -- Summary -- References -- Chapter 6: Logical Weapons -- Reconnaissance Tools -- General Information Gathering -- Websites and Web Servers -- Search Engines -- Google Hacking -- The Deep Web -- Whois -- DNS -- Metadata -- Metagoofil -- Exiftool -- Strings -- Maltego -- Defense -- Scanning Tools -- Nmap -- Nessus -- Defense -- Access and Escalation Tools -- Password Tools -- The Metasploit Project -- The Metasploit Framework -- Metasploit Express and Metasploit Pro -- Immunity CANVAS -- Defense -- Exfiltration Tools -- Physical Exfiltration -- Encryption and Steganography -- Using Common Protocols -- Out of Band Methods -- Defense -- Sustainment Tools -- Adding "Authorized" Access -- Backdoors -- Defense -- Assault Tools -- Meddling with Software -- System Resources -- System Environment -- Attacking Hardware -- Defense -- Obfuscation Tools -- Location Obscuration -- Log Manipulation -- File Manipulation -- Defense -- Summary -- References -- Chapter 7: Physical Weapons -- How the Logical and Physical Realms Are Connected -- Logical Systems Run on Physical Hardware -- Logical Attacks can have Physical Effects -- Infrastructure Concerns -- What is SCADA? -- What Security Issues are Present in the World of SCADA? -- What are the Consequences of SCADA Failures? -- Supply Chain Concerns -- Compromised Hardware -- Deliberately Corrupted Components -- Nontechnical Issues -- Tools for Physical Attack and Defense -- Electromagnetic Attacks -- Electromagnetic Pulse Weapons -- Jamming -- Defense Against Conventional Attacks -- Redundant Infrastructure -- Facility and Equipment Hardening -- Covert Activity.

Eavesdropping on Electromagnetic Emissions -- Vandalism/Denial of Service -- Attacking Physical Access Controls -- Tailgating -- Locks -- Defending Against Covert Attacks -- Summary -- References -- Chapter 8: Psychological Weapons -- Social Engineering Explained -- Is SE Science? -- SE TTPs -- General Access Attacks -- Specific Targeted Access Attacks -- Types of SE Approaches -- Types of SE Methodologies -- How the Military Approaches SE -- Army Doctrine -- How the Military Defends Against SE -- How the Army Does CI -- An Air Force Approach -- Summary -- References -- Chapter 9: Computer Network Exploitation -- Intelligence and Counter-Intelligence -- Sources of Cyber Attacks -- Attackers and Sponsors of Attacks -- Reconnaissance -- Open Source Intelligence -- Passive Reconnaissance -- Surveillance -- Justifications for Surveillance -- Advanced Persistent Threat -- Voice Surveillance -- Data Surveillance -- Large-Scale Surveillance Programs -- Uses of Surveillance Data -- Summary -- References -- Chapter 10: Computer Network Attack -- Waging War in the Cyber Era -- Physically -- Electronically -- Logically -- Reactively Versus Proactively -- Time as a Factor -- The Attack Process -- Recon -- Scan -- Access -- Escalate -- Exfiltrate -- Assault -- Sustain -- Obfuscate -- Summary -- References -- Chapter 11: Computer Network Defense -- What We Protect -- Confidentiality, Integrity, Availability -- Integrity -- Availability -- Authenticate, Authorize, and Audit -- Security Awareness and Training -- Awareness -- Training -- Defending Against Cyber Attacks -- Policy and Compliance -- Surveillance, Data Mining, and Pattern Matching -- Intrusion Detection and Prevention -- Vulnerability Assessment and Penetration Testing -- Disaster Recovery Planning -- Defense in Depth -- Summary -- References -- Chapter 12: Non-State Actors in Computer Network Operations.

Individual Actors -- Script Kiddies -- Malware Authors -- Scammers -- Blackhats -- Hacktivists -- Patriotic Hackers -- Corporations -- Motivation for Corporations to Act in Cyber Warfare -- Cyber Terrorism -- Reasons for Cyber Terrorist Attacks -- What will Happen When we see a Cyber Terrorist Attack? -- Organized Cyber Crime -- Motivations for Criminal Organizations -- Autonomous Actors -- Exploratory Systems -- Attack Systems -- Defensive Systems -- Summary -- References -- Chapter 13: Legal System Impacts -- Unresolved Questions -- Legal Systems -- International -- Maritime Law -- Space Law -- United States Laws -- Criminal Law -- Electronic Discovery -- Key U.S. Laws -- International Trafficking in Arms Regulations -- U.S. Cyber Related Laws -- Computer Fraud and Abuse Act -- Cyber Security Enhancement Act -- Federal Information Security Management Act -- Standards to Support Cybersecurity -- Privacy Impacts -- Electronic Communications Privacy Act -- Digital Forensics -- Certification -- Summary -- References -- Chapter 14: Ethics -- Ethics in Cyber Warfare -- Use of Force -- Intent -- Attribution -- Military Laws Based on Ethical Systems -- Law of Armed Conflict -- Bellum Iustum (Just War Theory) -- Jus ad Bellum (The Right to Wage War) -- Right Authority -- Right Intention -- Probability of Success -- Last Resort -- Proportionality -- Jus in Bello (Proper Conduct in War) -- Distinction -- Noncombatants -- Proportionality -- Collateral Damage -- Limiting Attacks -- Jus Post Bellum (Justice After War) -- Seek a Lasting Peace -- Hold Morally Culpable Individuals Accountable -- Extract Reparations -- Summary -- References -- Chapter 15: Cyberspace Challenges -- Cybersecurity Issues Defined -- Policy -- Processes -- Technical -- Skills -- People -- Organization -- Core (Impacting all Areas) -- Interrelationship of Cybersecurity Challenges.

Way Ahead.
Abstract:
Cyber Warfare explores the battlefields, participants and tools and techniques used during today's digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors; our defenses must be ready all the time and our alert systems must detect the threats every time. Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks. Dives deeply into relevant technical and factual information from an insider's point of view. Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.