InfoSec Reviews – Inside Cyber Warfare

Reviewer Name: Jan Billing

Reviewer Qualifications: BSc (Hons), MCP

Book Title: Inside Cyber Warfare

Subtitle: Mapping the Cyber Underworld

Author(s): Jeffrey Carr

Publisher: O’Reilly Media

Date of Publishing: December 2009

ISBN(13): 9780596802158

Price (UK&US price – full price, not discounted price): £30.99, $39.99

URL of Publisher Site: O’Reilly Media

URL of Amazon US web page: Amazon.com

Jeffrey Carr’s book, Inside Cyber Warfare, is a good introduction to the actors, threats, legal aspects, and investigation methods involved with cyber attacks. Carr’s background in cyber warfare, cyber self-defence, cyber-intelligence, and cyber security is based upon his years of experience in providing information services to governments. In 2008, Carr founded Project Grey Goose, an open source investigation which initially examined how the Russian cyber war was conducted against Georgian Web sites, and whether the Russian government was involved or it was entirely a grass-roots attack by patriotic Russian hackers. This project evolved, leading him to investigate the defacement of the Indian Eastern Railway website by a group that identified themselves as the Whackerz Pakistan, and Operation Cast Lead, an Israeli military assault on Hamas’s infrastructure in Gaza (and its resultant backlash from Arabic hackers). Much of Carr’s material in the book is based upon his investigation work for Project Grey Goose.

Chapter one introduces the scope of the problem that one faces when investigating a cyber attack.

Chapter two provides us with examples of non-state attackers and their motivations.

I particularly enjoyed chapters three and four as both chapters discuss the legal status of cyber warfare and what constitutes an act of cyber warfare.

Chapter four is a 30-page extract from Lt. Cdr. Matt Sklerov’s 111-page thesis, “Solving the Dilemma of State Response to Cyberattacks: A Justification for the Use of Active Defenses against States Who Neglect Their Duty to Prevent”.

Chapter five looks at the use of conventional intelligence methods in investigating cyber crimes and acts of cyber warfare.

Chapter six focuses on the use of social networking services, such as Twitter, Facebook and MySpace, in cyber attacks. The author provides reasonable examples of how non-state hackers have used these resources and tools to achieve their goals.

Chapter seven follows the money paper trail of organising a cyber attack including domain registration, hosting services, etc.

Chapter eight examines the role of organised crime in cyber attacks and the relationship to other forms of cyber crime.

Chapter nine offers a very brief look at some of the tools used to investigate a cyber attack, including the use of BGP routing maps, and the WHOIS command.

Chapter ten, my favourite chapter, looks at the tools and methods that attackers employ in their attacks. Some of the methods that are discussed include SQL injection, Trojans, and social engineering attacks used in conjunction with social networking tools, and 0-day attacks.

Chapter eleven looks at how different governments are forming capabilities within their military forces. It provides documented examples of the strategies that these governments are developing.

Chapter twelve proposes a model of predicting cyber attacks based upon the various stages that are seen in cyber attacks and cyber espionage.

In his closing chapter, Carr attempts to reach out to his target audience, the policy makers, to recommend a mitigating course of action.

Inside Cyber Warfare tries to cover a lot of topics all related to cyber warfare; however, this book is not very long, at just 205 pages, and this led me to feel that the author had attempted to cover too many topics in a fairly superficial book.

“Inside Cyber Warfare” attempts to be a lot of things to a lot of people. In his opening chapter, Carr describes his book as “a collection of facts, opinions, and assessments about cyber warfare and its various permutations”. The book provides a good introduction to cyber warfare for those who are not well read on the subject; however, it was difficult to read due to it being, as previously stated, “a collection of facts, opinions, and assessments”. Often these sources are not well referenced, which leaves the reader frustrated that they cannot review the original material.

Marks: 3 out of 5

***