Inside Cyber Warfare, 3rd Edition

Inside Cyber Warfare, 3rd Edition

by Jeffrey Caruso
Released September 2024
Publisher(s): O'Reilly Media, Inc.
ISBN: 9781098138516

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Buy on Amazon Buy on ebooks.com
Start your free trial

Book description

Get a fascinating and disturbing look into how state and nonstate actors throughout the world use cyber attacks to gain military, political, and economic advantages. In the third edition of this book, cyber warfare researcher Jeffrey Caruso explores the latest advances in cyber espionage and warfare that have emerged on the battlefields of Ukraine and the Middle East, including cyber attacks that result in the physical destruction of the target and the pairing of cognitive with maneuver warfare.

Inside Cyber Warfare features an exclusive deep dive into the wartime operations of an offensive cyber unit of Ukraine's Ministry of Defense as it works to defend the nation against Russian forces, particularly since the 2022 invasion:

  • See what happened when a Ukrainian cyber and special operations team worked together to destroy a secret missile laboratory
  • Explore the legal status of cyber warfare and civilian hackers
  • Discover how a cyber team with little money and limited resources learned to create fire from the manipulation of code in automated systems
  • Distinguish reality from fiction regarding AI safety and existential risk
  • Learn new strategies for keeping you and your loved ones safe in an increasingly complex and insecure world

Publisher resources

View/Submit Errata

Table of contents

  1. Foreword
  2. Preface
    1. Conventions Used in This Book
    2. O’Reilly Online Learning
    3. How to Contact Us
    4. Acknowledgments
  3. 1. How Did We Get Here?
    1. von Neumann’s Monster
    2. Is Software Killing People?
    3. To Disclose, or Not to Disclose, or to Responsibly Disclose
      1. Sony PlayStation Network
      2. Equifax
      3. Twitter
    4. Problematic Reporting of Exploits and Vulnerabilities
    5. The Exploit Database
    6. A Protection Racket?
    7. Summary
  4. 2. Who Did It?
    1. Attribution Is Inferred, Not Deduced
    2. Examining Our Assumptions
      1. The Exclusive Use Assumption
      2. The Working-Hours Assumption
      3. The Criminals Versus Spies Assumption
      4. Valid Concerns
    3. The Need for Independent Fact-Finding
    4. A Proposed International Attribution Mechanism Modeled after the OPCW
    5. Summary
  5. 3. Establishing Corporate Accountability
    1. Pay for Protection
    2. It All Comes Down to Cost Calculation
      1. The Railroad
      2. Shipping
      3. Automobiles
      4. Software
    3. The Move to Software Regulation
      1. As Is
      2. Independent Testing
    4. The National Cybersecurity Strategy
    5. Summary
  6. 4. The Legal Status of Cyber Warfare
    1. Ukraine’s Call to Arms for Hackers
    2. Rules Related to Cyber Attacks
      1. The International Committee of the Red Cross
      2. The International Criminal Court
      3. Cyber Attacks against Civilians During Wartime
      4. Incitement to Genocide
    3. Legal Review of Cyber Weapons
    4. The Civilian Hacker Targeting Matrix
      1. A Decision Tree for the Legal Targeting of Combatants and Civilians
    5. Case Studies
      1. Junaid Hussain
      2. The Anonymous War on ISIS
      3. The Ukraine Power Grid Attack
    6. Summary
  7. 5. The New Enmeshed War Strategy
    1. Cognitive Warfare and Operations in the Information Environment
    2. A Central Figure: Yevgeny Prigozhin
      1. The Wagner Group
      2. The Internet Research Agency
    3. Case Study #1: Ukraine
      1. The Wagner Group’s Campaign
      2. The Internet Research Agency’s Campaign
    4. Case Study #2: Syria
      1. The Wagner Group’s Campaign
      2. The Internet Research Agency’s Campaign
    5. Case Study #3: Mali
      1. The Wagner Group’s Campaign
      2. The Internet Research Agency’s Campaign
    6. Platforms for Disinformation and Misinformation 
      1. X
      2. TikTok
    7. Using Social Media for Surveillance
      1. F3EAD
      2. Benign Surveillance (Not) and Real-Time Bidding
    8. Best Practices
      1. Disinformation and Misinformation
      2. Cyber Warfare
    9. Summary
  8. 6. Cyber Attacks with Kinetic Effects
    1. We Can Only Measure What’s Been Discovered
    2. Attacking Operational Technology
      1. The Aurora Generator Test
      2. Iran Centrifuge Assembly Center 
      3. Underground Fuel Enrichment Plant
      4. Gazprom
      5. Gazprom Sartransneftegaz Pipeline
      6. Gazprom Urengoy Center 2 Pipeline
      7. Gazprom Urengoy Pipeline
      8. Second Central Research Institute of the Ministry of Defense of the Russian Federation
      9. Khouzestan Steel Company 
      10. Evaluating the Effectiveness of Sabotage
    3. Defending Against Cyber/Physical Attacks
    4. Summary
  9. 7. AI
    1. Defining Terms
      1. Generative AI
      2. Neural Network
      3. Narrow AI
      4. Foundation Model
      5. Frontier AI
      6. Artificial General Intelligence
      7. Superintelligence
    2. Present Risks
      1. Cybersecurity Vulnerabilities
      2. Automated Decision Making
      3. Warfighting
    3. Speculative Risks
      1. Self-Preservation
      2. The Treacherous Turn
      3. The Sharp Left Turn
    4. Risk Versus Probability
      1. The Zero-Probability High-Impact Risk Model
    5. Regulation
    6. Summary
      1. Risk
      2. Regulation
      3. Influence
  10. Afterword
    1. Reduce Your Attack Surface
    2. Create Redundancies for Your Critical Systems
    3. Diversify Your Risks
  11. Index
  12. About the Author

Product information

  • Title: Inside Cyber Warfare, 3rd Edition
  • Author(s): Jeffrey Caruso
  • Release date: September 2024
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098138516