Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners by J. Andress and S. Winterfeld
Chapter 2: The Cyberspace Battlefield
All wars have a battlefield, and cyber warfare is no different. Where conventional warfare has soldiers within a country’s border, terrorism has expanded the fighter’s deployment, and cyberspace has obviated both deployment and borders. A cyber attacker can actually be located within your own country, be a fellow citizen or even one of your allies. What is also ironic is that human suffering is collateral damage, since the actual attack is not human against human or machine against human, but machine against machine. Human life is devastated by what happens when a machine malfunctions.
Cyber warfare’s virtual battlefield is analyzed in three ways: logical, physical and organizational. Cyber security is designed to build a defensive wall around a network. This is not much different from the historic defenses of a medieval castle (moat, drawbridge, battlements, etc.), but now we have logon passwords, firewalls, anti-virus, etc. Castles also had weapons to kill their attackers (spears, arrows, catapults and burning hot oil), but currently cyber security does not have much in the way of weapons of destruction. We are too busy going on the defensive after something catastrophic happens.
Once the networks are protected, the cyber attackers will target the physical infrastructure, like the HVAC, electricity, people, etc. Here companies are vulnerable to surveillance, sabotage, vandalism and blackmail. Finally, an attack is also determined by its organization: Government (federal, state, or local) or Commercial (multinational corporation, SMB or home business). Ironically, governments have far more money available for defenses and retaliation, but they also have some of the oldest equipment, which is vulnerable to attacks. Businesses have the most up-to-date equipment but only invest money in security based on ROI and risk assessments. From an attacker’s perspective, both are easy prey.
Arming yourself against cyber warfare will not be tremendously effective if you don’t understand the enemy and their threats. In The Art of War by Sun Tzu there is a very prophetic quote: “If you know neither the enemy nor yourself, you will succumb in every battle.”
Attackers fall into six categories: script kiddies, criminals, hacker groups, insiders, political/religious and APT/nation states. There are more script kiddies than nation states, but the damage they can do is the inverse. The final piece of the puzzle is the motivations of the attacker (money, espionage, fame, terrorism, hacktivism, etc.).
In conclusion, the authors have written a very compelling chapter that helps one understand the cyberspace battlefield by making comparisons to the physical world.
It is through understanding your attacker, the damages and the motivations that we can fully understand and appreciate this quote: “Success in warfare is gained by carefully accommodating ourselves to the enemy’s purpose.” ~Sun Tzu.