Front Cover -- Introduction to Cyber-Warfare: A Multidisciplinary Approach -- Copyright -- Contents -- Preface -- Foreword -- Introduction -- References -- Biography -- Chapter 1: Cyber Warfare: Here and Now -- What Is Cyber War? -- Is Cyber War a Credible Threat? -- Attribution, Deception, and Intelligence -- Origin -- Structure -- Purpose -- Information Assurance -- References -- Part: I Cyber Attack -- Chapter 2: Political Cyber Attack Comes of Age in 2007 -- Reliance on Information as a Vulnerability -- Rudimentary but Effective: Denial of Service -- Leaving Unwanted Messages: Web Site Defacement -- Tools for Denial of Service -- The Difficulty of Assigning Blame: Why Attribution Is Tough in a DDoS Attack -- Estonia Is Hit by Cyber Attacks -- The Estonian Governmentś Response -- The End of the Attacks -- General Response to DDoS -- Summary -- Suggested Further Reading -- References -- Chapter 3: How Cyber Attacks Augmented Russian Military Operations -- The 2008 Russian Cyber Campaign Against Georgia -- What Is Interesting About the Russian Cyber Campaign -- Objectives of the Attack -- Coordination with Conventional Forces -- Reconnaissance and Preparation -- Attribution -- Preparing for a Cyber-Capable Adversary -- Cyber as a Battlefield Operating System -- The Cyber Aspect of the Area of Interest -- Cyber Reconnaissance and Surveillance (R&S) -- Summary -- Suggested Further Reading -- References -- Chapter 4: When Who Tells the Best Story Wins: Cyber and Information Operations in the Middle East -- Hijacking Noncombatant Civilian IP Addresses to Help the War Effort: The Israel-Hezbollah ``July War ́́of 2006 -- The Information Operations of Hezbollah -- Hezbollah Hijacks IP Addresses -- Civilians in the Cyber Melee: Operation Cast Lead -- IO and Cyber Warfare in the 2008 Israel-Hamas War -- Summary -- Suggested Further Reading -- References.

Chapter 5: Limiting Free Speech on the Internet: Cyber Attack Against Internal Dissidents in Iran and Russia -- DDoS as a Censorship Tool: Why Dissident Groups Are Inherently Vulnerable to Cyber Attacks -- Silencing Novaya Gazeta and Other Russian Dissidents -- Moving to LiveJournal -- Possible Motivation for the 2011 DDoS -- The Optima/Darkness Botnet -- The ``March(es) of Millions ́́-- Iran-How the 2009 Elections Led to Aggressive Cyber Operations -- The 2009 Elections -- The Iranian Cyber Army (ICA) -- ICA: Beyond Domain Name Hijacking -- Who Controls the ICA? -- Alleged Iranian Botnet Strikes -- The Iranian Cyber Police -- Summary -- References -- Chapter 6: Cyber Attacks by Nonstate Hacking Groups: The Case of Anonymous and Its Affiliates -- ``Chaotic ́́Beginnings: The Chaos Computer Club, CCC -- The Roots of the Anon-4chan, 7chan, and Other Message Boards -- How We Are Influenced by 4chan: Memes -- Anonymous-On Image, Structure, and Motivation -- Anonymous-External Connections and Spin Offs -- Your Security Is a Joke: LulzSec -- Anonymous ́Modus Operandi -- Targeting Governments, Corporations, and Individuals: Notable Hacks on Anonymous -- Habbo Hotel Raids -- Internet Vigilantism -- Project Chanology -- Arab Spring -- HBGary Federal and Aaron Barr -- Straightforward Operations -- Software for the Legion: Anonymous Products -- AnonTune -- AnonPaste -- Anonymous-OS 0.1/Live -- Summary -- Suggested Further Reading -- References -- Part II: Cyber Espionage and Exploitation -- Chapter 7: Enter the Dragon: Why Cyber Espionage Against Militaries, Dissidents, and Nondefense Corporations Is a Key Com ... -- Introduction -- Why Cyber Espionage Is Important to China: A Look at Chinese Cyber Doctrine -- Two Examples on Chinese Strategic Thought -- From Active Defense to Active Offense -- The Three Warfares -- The Art of War.

Leveraging Resources Beyond the Military: The Cyber Warriors of China -- INEW and Cyber in the PLA -- The Chinese Hacker Community: From Black Hat to White Hat -- Chinese Academia and Hacking -- Stealing Information from the U.S. Industrial-Military Complex: Titan Rain -- Cyber Reconnaissance: Footprinting, Scanning, and Enumeration -- Titan Rain Dissected -- They Never Hit a Wrong Key -- Indication of Chinese Involvement -- Cyber War Against the Corporate World: A Case Study of Cyber Intrusion Attributed to China -- Reconnaissance and Initial Entry -- Movement of Data on Company Yś Network -- Exfiltration of the Stolen Data -- Evidence of Chinese Involvement -- Monitoring Dissidents: Gh0stNet -- The Cycle of Cyber Operations Applied to APT -- Using Social Engineering and Malware to Perform Consolidation -- Harvesting Data from the Compromised Systems -- Hints of PRC Involvement -- Using Legitimate Web Sites for Data Exfiltration: The Shadow Network -- Leveraging Legitimate Web Sites for Data Exfiltration -- Targets of the Shadow Network -- Clues of Chinese Involvement in the Shadow Network -- Cyber War Through Intellectual Property Theft: Operation Aurora -- Trojan.Hydraq -- Theft of Intellectual Property -- Indicators of PRC Involvement -- An Example of the Current State of the Art: Sykipot -- Summary -- Suggested Further Reading -- References -- Chapter 8: Duqu, Flame, Gauss, the Next Generation of Cyber Exploitation -- Introduction -- Kernel Mode Rootkits -- Vulnerabilities in the Operating System -- Stolen Keying Material -- Commonalities Between Stuxnet and Duqu -- Information-Stealing Trojans -- The Geography of Duqu -- TDL3 and Other Malware -- Object-Oriented Malware: Stuxnet, Duqu, Flame, and Gauss -- Flame: King-Sized Malware -- Gauss: Malware to Monitor Financial Transactions -- Relationships Among Object-Oriented Malware -- Summary.

Suggested Further Reading -- References -- Chapter 9: Losing Trust in Your Friends: Social Network Exploitation -- Introduction -- Do You Really Know All Your LinkedIn Connections? Imposters in Social Networks -- Duping Corporations and Military Personnel: Robin Sage -- The Dangers of Transitive Trust -- Getting Your Personal Data Compromised While Trying to Impress the Boss: The Case of the SACEUR Imposter -- Designing Common Knowledge: Influencing a Social Network -- How the Syrian Electronic Army Attacked Rivals on Facebook -- The Future of Influencing Social Networks -- Summary -- Suggested Further Reading -- References -- Chapter 10: How Iraqi Insurgents Watched U.S. Predator Video-Information Theft on the Tactical Battlefield -- Introduction -- The Predator UAV -- Hacking the Predator Feed -- The Predatorś Vulnerability -- Wireless Networks -- Attribution and the Kataíb Hezbollah -- The History of the Predator Vulnerability -- Summary -- Suggested Further Reading -- References -- Part III: Cyber Operations for Infrastructure Attack -- Chapter 11: Cyber Warfare Against Industry -- Introduction -- Industrial Control Systems: Critical Infrastructure for Modern Nations -- Information Technology vs. Industrial Control Systems: Why Traditional Infosec Practices May Not Apply -- How Real-World Dependencies Can Magnify an Attack: Infrastructure Attacks and Network Topology -- How a Cyber Attack Led to Water Contamination: The Maroochy Water Breach -- Summary -- Suggested Further Reading -- References -- Chapter 12: Can Cyber Warfare Leave a Nation in the Dark? Cyber Attacks Against Electrical Infrastructure -- Introduction -- Cyber Attacks Directed Against Power Grids -- Access -- Discovery -- Control -- Destroying a Generator with a Cyber Attack: The Aurora Test -- Implementing an Aurora-Style Attack.

Taking the Power Grid Offline with Minimal Effort: Attacks Leveraging Network Topology -- Targeting Key Transmission Substations -- Causing Cascading Failure -- Dependencies on Computer Networks Can Lead to Cascading Failure -- Summary -- Suggested Further Reading -- References -- Chapter 13: Attacking Iranian Nuclear Facilities: Stuxnet -- Introduction -- The Alleged Target: The Natanz Fuel Enrichment Facility -- How Stuxnet Targets Industrial Control Systems -- Stuxnet Successfully Targets the Natanz Fuel Enrichment Plant -- Stuxnet Was Predominantly Found in Iran -- Stuxnet Source Code Resembles the Cascade Configuration at Natanz -- The Effectiveness of Stuxnet Against the Natanz Facility -- Reactions on Stuxnet from the Iranian Regime -- Was Natanz the Sole Target of Stuxnet? -- Stuxnet Is a Significant Advancement in Malware -- Stuxnet Invalidates Several Security Assumptions -- Implications for the Future -- Summary -- Suggested Further Reading -- References -- Conclusion and the Future of Cyber Warfare -- References -- Appendix I: Chapter 6: LulzSec Hacktivities -- References -- Appendix II: Chapter 6: Anonymous Timeline -- References -- Glossary -- Index.