cyber capabilities of those 4 countries

For this project, write a 3 to 4 page paper (not including title and reference page) in which you choose 4 countries from chapter 16 that are considered allies of the United States. Describe the cyber capabilities of those 4 countries. Make sure you use 2 to 4 peer-reviewed sources for this paper.

Writing Requirements

3-4 pages in length (excluding cover page, abstract, and reference list)
APA format. Use the APA template located in the Student Resource Center to complete the assignment.
Please use the Case Study Guide as a reference point for writing your case study.
inside_cyber_warfare.pdf

Unformatted Attachment Preview

Inside Cyber Warfare
Jeffrey Carr
foreword by Lewis Shepherd
Beijing • Cambridge • Farnham • Köln • Sebastopol • Taipei • Tokyo
Copyright © 2010 Jeffrey Carr. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions
are also available for most titles (http://my.safaribooksonline.com). For more information, contact our
corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com.
Editor: Mike Loukides
Production Editor: Loranah Dimant
Copyeditor: Genevieve d’Entremont
Proofreader: Loranah Dimant
Indexer: John Bickelhaupt
Cover Designer: Karen Montgomery
Interior Designer: David Futato
Illustrator: Robert Romano
Printing History:
December 2009: First Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of
O’Reilly Media, Inc. Inside Cyber Warfare, the image of light cavalry, and related trade dress are trademarks of O’Reilly Media, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as
trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a
trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and author assume
no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
This book uses RepKover™, a durable and flexible lay-flat binding.
ISBN: 978-0-596-80215-8
Table of Contents
Foreword
Preface
1. Assessing the Problem
The Complex Domain of Cyberspace
Cyber Warfare in the 20th and 21st Centuries
Cyber Espionage
Cyber Crime
Future Threats
Increasing Awareness
Critical Infrastructure
The Conficker Worm: The Cyber Equivalent of an Extinction Event?
Africa: The Future Home of the World’s Largest Botnet?
The Way Forward
2. The Rise of the Non-State Hacker
The StopGeorgia.ru Project Forum
Counter-Surveillance Measures in Place
The Russian Information War
The Foundation for Effective Politics’ War on the Net (Day One)
The Gaza Cyber War Between Israeli and Arabic Hackers During Operation Cast Lead
Impact
Overview of Perpetrators
Hackers’ Profiles
Methods of Attack
Israeli Retaliation
Control the Voice of the Opposition by Controlling the Content in Cyberspace: Nigeria
Are Non-State Hackers a Protected Asset?
3. The Legal Status of Cyber Warfare
Nuclear Nonproliferation Treaties
The Antarctic Treaty System and Space Law
UNCLOS
MALT
U.S. Versus Russian Federation: Two Different Approaches
The Law of Armed Conflict
Is This an Act of Cyber Warfare?
South Korea
Iran
Tatarstan
United States
Kyrgyzstan
Israel and the Palestinian National Authority
Zimbabwe
Myanmar
Cyber: The Chaotic Domain
4. Responding to International Cyber Attacks As Acts of War
Introduction by Jeffrey Carr
Introduction
The Legal Dilemma
The Road Ahead: A Proposal to Use Active Defenses
The Law of War
General Prohibition on the Use of Force
The First Exception: UN Security Council Actions
The Second Exception: Self-Defense
A Subset of Self-Defense: Anticipatory Self-Defense
An Alternate Basis for Using Active Defenses: Reprisals
Non-State Actors and the Law of War
Armed Attacks by Non-State Actors
Duties Between States
Imputing State Responsibility for Acts by Non-State Actors
Cross-Border Operations
Analyzing Cyber Attacks Under Jus ad Bellum
Cyber Attacks As Armed Attacks
Establishing State Responsibility for Cyber Attacks
The Duty to Prevent Cyber Attacks
Support from International Conventions
Support from State Practice
Support from the General Principles of Law
Support from Judicial Opinions
Fully Defining a State’s Duty to Prevent Cyber Attacks
Sanctuary States and the Practices That Lead to State Responsibility
The Choice to Use Active Defenses
Technological Limitations and Jus ad Bellum Analysis
Jus in Bello Issues Related to the Use of Active Defenses
Conclusion
5. The Intelligence Component to Cyber Warfare
The Korean DDoS Attacks (July 2009)
The Botnet Versus the Malware
The DPRK’s Capabilities in Cyberspace
One Year After the RU-GE War, Social Networking Sites Fall to DDoS Attack
Ingushetia Conflict, August 2009
The Predictive Role of Intelligence
6. Non-State Hackers and the Social Web
Russia
China
The Middle East
Pakistani Hackers and Facebook
The Dark Side of Social Networks
The Cognitive Shield
TwitterGate: A Real-World Example of a Social Engineering Attack with Dire Consequences
Automating the Process
Catching More Spies with Robots
7. Follow the Money
False Identities
Components of a Bulletproof Network
ICANN
The Accredited Registrar
The Hosting Company
The Bulletproof Network of StopGeorgia.ru
StopGeorgia.ru
NAUNET.RU
SteadyHost.ru
Innovation IT Solutions Corp
Mirhosting.com
SoftLayer Technologies
SORM-2
The Kremlin and the Russian Internet
Nashi
The Kremlin Spy for Hire Program
Sergei Markov, Estonia, and Nashi
A Three-Tier Model of Command and Control
8. Organized Crime in Cyberspace
A Subtle Threat
Atrivo/Intercage
ESTDomains
McColo: Bulletproof Hosting for the World’s Largest Botnets
Russian Organized Crime and the Kremlin
9. Investigating Attribution
Using Open Source Internet Data
Background
What Is an Autonomous System Network?
Team Cymru and Its Darknet Report
Using WHOIS
Caveats to Using WHOIS
10. Weaponizing Malware
A New Threat Landscape
StopGeorgia.ru Malware Discussions
Twitter As DDoS Command Post Against Iran
Social Engineering
Channel Consolidation
An Adversary’s Look at LinkedIn
BIOS-Based Rootkit Attack
Malware for Hire
Anti-Virus Software Cannot Protect You
Targeted Attacks Against Military Brass and Government Executives
11. The Role of Cyber in Military Doctrine
The Russian Federation
The Foundation for Effective Politics (FEP)
“Wars of the Future Will Be Information Wars”
“RF Military Policy in International Information Security”
The Art of Misdirection
China Military Doctrine
Anti-Access Strategies
The 36 Stratagems
U.S. Military Doctrine
12. A Cyber Early Warning Model
Introduction by Jeffrey Carr
The Challenge We Face
Cyber Early Warning Networks
Building an Analytical Framework for Cyber Early Warning
Case Studies of Previous Cyber Attacks
Lessons Learned
Defense Readiness Condition for Cyberspace
13. Advice for Policy Makers from the Field
When It Comes to Cyber Warfare: Shoot the Hostage
The United States Should Use Active Defenses to Defend Its Critical Information Systems
Scenarios and Options to Responding to Cyber Attacks
Scenario 1
Scenario 2
Scenario 3
Scenario 4
In Summary
Whole-of-Nation Cyber Security
Afterword
Index
Foreword
During his campaign for reelection in 1996, the Internet-savvy President Bill Clinton
used the slogan “Building a Bridge to the 21st Century.” It turns out that the bridge is
operated and maintained in cyber form, and that malevolent actors can practice their
black arts to disrupt or destroy the bridge, its cyber traffic, and all who rely upon it.
And although it is disturbingly clear that the bridge to the 21st century can be taken
out, it is even more clear that we don’t always know by whom or why.
Jeffrey Carr’s Inside Cyber Warfare explores the factual background of why that is so,
who the actors are (and their motivations) and the likely future course of cyber warfare
in all its manifestations. In part, this book’s value is the comprehensiveness of its coverage, across the spectrum of militarized or warlike computer network operations
(CNO). New students of the field—and there are many, in academia, government, and
private industry—will benefit from the clear explication of the divisions between computer network defense, computer network exploitation, and computer network attack.
Examples abound of each, described in dispassionate, factual prose more helpful than
the sometimes frightening headline media coverage of isolated events.
Experts in the field of cyber warfare and CNO will find that these pages are required
reading, for Jeffrey Carr has applied an evidentiary analytical framework to understanding the intricacies that distinguish state and non-state actors and hackers, and the
varying but discoverable mosaic of political, economic, and social motivations that
incentivize cyber warfare.
I first became aware of Jeffrey Carr and his expertise while serving in the intelligence
community, where like others, I relied on his much-read-within-the-Beltway blog
Intelfusion. For this book, Carr’s background is ideal: an early career at the world’s
leading software and technology company (Microsoft), his entrepreneurial founding of
the highly regarded Project Grey Goose (which I have advised), and the activities of his
GreyLogic organization. He now adds to that list the title of “authority,” with its imprimatur stamped by virtue of the pages in this book.
Military analysts, pundits, and warfighters alike have known for centuries the Latin
adage attributed to “the Roman Sun Tzu,” Publius Flavius Vegetius Renatus, famous
for his “art-of-war” classic from 390 BC, De Re Militari: “Si vis pacem, para bellum”;
if you wish peace, prepare for war. Inside Cyber Warfare is the necessary handbook for
a new 21st century in which all who hope for the new world of cyber-powered peaceful
interactions must prepare for cyber war.
—Lewis Shepherd
Chief Technology Officer and Senior Fellow,
Microsoft Institute for Advanced Technology in Governments
Senior Technology Officer, Defense Intelligence Agency (2004–2007)
Preface
I was recently invited to participate in a cyber security dinner discussion by a few
members of a well-known Washington D.C. think tank. The idea was that we could
enjoy a fine wine and a delicious meal while allowing our hosts to pick our brains about
this “cyber warfare stuff.” It seems that the new threatscape emerging in cyberspace
has caught them unprepared and they were hoping we could help them grasp some of
the essentials in a couple of hours. By the time we had finished dinner and two bottles
of a wonderful 2003 red, one of the Fellows in attendance was holding his head in his
hands, and it wasn’t because of the wine.
International acts of cyber conflict (commonly but inaccurately referred to as cyber
warfare) are intricately enmeshed with cyber crime, cyber security, cyber terrorism, and
cyber espionage. That web of interconnections complicates finding solutions because
governments have assigned different areas of responsibility to different agencies which
historically do not play well with others. Then there is the matter of political will. When
I signed the contract to write this book, President Obama had committed to make cyber
security a top priority in his administration. Seven months later, as I write this introduction, cyber security has been pushed down the priority ladder behind the economy
and health care, and the position of cyber coordinator, who originally was going to
report directly to the President, must now answer to multiple bosses with their own
agendas. A lot of highly qualified candidates have simply walked away from a position
that has become a shadow of its former self. Consequently, we all find ourselves holding
our heads in our hands more often than not.
Cyberspace as a warfighting domain is a very challenging concept. The temptation to
classify it as just another domain, like air, land, sea, and space, is frequently the first
mistake that’s made by our military and political leaders and policy makers.
I think that a more accurate analogy can be found in the realm of science fiction’s
parallel universes—mysterious, invisible realms existing in parallel to the physical
world, but able to influence it in countless ways. Although that’s more metaphor than
reality, we need to change the habit of thinking about cyberspace as if it’s the same
thing as “meat” space.
After all, the term “cyberspace” was first coined by a science fiction writer. My own
childhood love affair with science fiction predated William Gibson’s 1984 novel Neuromancer, going all the way back to The New Tom Swift Jr. Adventures series, which
was the follow-up to the original series of the early 1900s. By some quirk of fate, the
first Tom Swift Jr. book was published in 1954 (the year that I was born) and ceased
publication in 1971 (the year that I left home for college). Although the young inventor
didn’t have cyberspace to contend with, he did have the “Atomic Earth Blaster” and
the “Diving Sea Copter.” In an otherwise awful childhood, the adventures of Tom Swift
Jr. kept me feeling sane, safe, and excited about the future until I was old enough to
leave home and embark on my own adventures.
Now, 38 years later, I find myself investigating a realm that remains a sci-fi mystery to
many leaders and policy makers of my generation, while younger people who have
grown up with computers, virtual reality, and online interactions of all kinds are perfectly comfortable with it. For this reason, I predict that the warfighting domain of
cyberspace won’t truly find its own for another five to eight years, when military officers
who have grown up with a foot in both worlds rise to senior leadership roles within the
Department of Defense.
How This Book Came to Be
This book exists because of an open source intelligence (OSINT) experiment that I
launched on August 22, 2008, named Project Grey Goose (Figure P-1). On August 8,
2008, while the world was tuning in to the Beijing Olympics, elements of the Russian
Federation (RF) Armed Forces invaded the nation of Georgia in a purported self-defense
action against Georgian aggression. What made this interesting to me was the fact that
a cyber component preceded the invasion by a few weeks, and then a second, much
larger wave of cyber attacks was launched against Georgian government websites
within 24 hours of the invasion date. These cyber attacks gave the appearance of being
entirely spontaneous, an act of support by Russian “hacktivists” who were not part of
the RF military. Other bloggers and press reports supported that view, and pointed to
the Estonian cyber attacks in 2007 as an example. In fact, that was not only untrue, but
it demonstrated such shallow historical analysis of comparable events that I found
myself becoming more and more intrigued by the pattern that was emerging. There
were at least four other examples of cyber attacks timed with RF military actions dating
back to 2002. Why wasn’t anyone exploring that, I wondered?
I began posting what I discovered to my blog IntelFusion.net, and eventually it caught
the attention of a forward deployed intelligence analyst working at one of the three-letter agencies. By “forward deployed” I refer to those analysts who are under contract
to private firms but working inside the agencies. In this case, his employer was Palantir
Technologies. “Adam” (not his real name) had been a long-time subscriber to my blog
and was as interested in the goings-on in Georgia as I was. He offered me the free use
of the Palantir analytic platform for my analysis.
Figure P-1. The official logo of Project Grey Goose
After several emails and a bunch of questions on my part, along with my growing
frustration at the overall coverage of what was being played out in real time in the North
Caucasus, I flashed on a solution. What would happen if I could engage some of the
best people inside and outside of government to work on this issue without any restrictions, department politics, or bureaucratic red tape? Provide some basic guidance,
a collaborative work space, and an analytic platform, and let experienced professionals
do what they do best? I loved the idea. Adam loved it. His boss loved it.
On August 22, 2008, I announced via my blog and Twitter an open call for volunteers
for an OSINT experiment that I had named Project Grey Goose. Prospective volunteers
were asked to show their interest by following a temporary Twitter alias that I had
created just for this enrollment. Within 24 hours, I had almost 100 respondents consisting of college students, software engineers, active duty military officers, intelligence
analysts, members of law enforcement, hackers, and a small percentage of Internet-created personas who seemed to have been invented just to see if they could get in (they
didn’t). It was an astounding display of interest, and it took a week for a few colleagues
and I to make the selections. We settled on 15 people, Palantir provided us with some
training on their platform, and the project was underway. Our Phase I report was produced about 45 days later. A follow-up report was produced in April 2009. This book
pulls from some of the data that we collected and reported on, plus it contains quite a
bit of new data that has not been published before.
A lot has happened between April 2009 and September 2009, when the bulk of my
writing for this book was done. As more and more data is moved to the Cloud and the
popularity of social networks continues to grow, the accompanying risks of espionage
and adversary targeting grow as well. While our increasingly connected world does
manage to break down barriers and increase cross border friendships and new understandings, the same geopolitical politics and national self interests that breed conflicts
and wars remain. Conflict continues to be …