Occasionally, cyber attacks make the news: on August 6, 2009, Twitter was disrupted by a denial of service attack as a Georgian blogger known as Cyxymu was targeted; only a few months earlier, another denial of service attack, thought to have originated in North Korea, disrupted U.S. and South Korean government sites. In 2005 and then again in 2007, Brazilian power grid was disrupted by unknown parties. And when they do, these events spark public interest and attention from legislators, both of which quickly fade, however. But those large scale events belie the constancy of dangers posed: threats do not go away simply because media attention shifts —i n fact, they grow when the spotlight is turned off. But neglect and a lack of understanding of the threats creates enormous vulnerabilities.
Large scale instances of theft of personal information do not just go away — data on millions of Americans can be used by bad actors in cyberspace to register domains for terrorist sites and other forms of identity theft, all without the knowledge of the victim, until the unwitting individual is arrested. Malware surreptitiously installed on a user's machine can turn the computer into zombie server of malicious code, not only infecting other machines, but also serving virtually anything that the botnet controller wishes to place on it.
If this book will scare you into turning off your modem, then Jeffrey Carr's purpose in writing Inside Cyber Warfare: Mapping the Cyber Underworld will be accomplished. Carr wants shine light at the problem and to raise the level of awareness of these threats, making the book, which is really more like a text book than a journalistic account, ideal reading for anyone interested in policy-making and those starting out in cyber security.
The cyber world provides numerous opportunities for sharing information and networking, but it also offers an ideal space for virtually undetectable espionage and criminal activities. It is the ultimate force multiplier: a cyberspy can engage in espionage, information gathering and even attacks and escape without detection; a single person, therefore, who is highly skilled can have a tremendous impact. Though some believe that cyber crime and cyber warfare are unrelated, it is often the case that cyber crime serves as a training ground for cyber warfare and espionage activities as both activities use many of the same methods and practices.
But tracking bad actors in cyber space and responding to acts of cyber warfare are difficult: what happens when a country is being attacked from a platform that sits within its own borders, as was the case with the Korean DdoS of July 2009? And the mere fact that a network in one country is used in an attack on another does not prove that the host country had anything to do with the attack: in 2008 servers located in Texas were used to attack Georgia websites. Explanations are unclear.
Beside considering various incidents of cyber warfare, Carr examines the legal frameworks for defining cyber warfare and possible approaches for responding to them. He even provides a proposal for a cyber early warning system, making the book a comprehensive, if dry, look at the problem.
One of the problems facing those who would try to fight cyber warfare is that cyber warfare has no internationally recognized definition. Acts including denial of service, data theft, web site defacement and the spreading of viruses and trojans can all be instances of cyber warfare, yet all these can also be merely criminal acts perpetrated by individuals rather than sponsored by states. Without a clear-cut definition, it is virtually impossible to retaliate officially against an attack.
The main reason why it is hard to define cyber warfare stems from the problems in tracing the culprits. The author illustrates the attribution problem through the case study of the Korean DDoS attacks of July 2009. Through to have originated in North Korea, the attack has actually been traced to servers in U.S. Despite the investigation, no party has been conclusively identified as responsible for the events. Part of the difficulty also lies in the fact that many hackers live inside major powers who place no priority on finding them, as long as they are perceived to be patriotic, complicating the investigations.
While definitions are hazy, and technical problems prevent attribution in many instances, the effects of cyber crime and warfare are quite real and serious. It is certainly a costly game to merely keep up with the sheer volume of threats: in the Weaponizing Malware chapter, Carr illustrates the fundamental vulnerability of anti-virus software — there are simply too many threats out there for security vendors to keep up pace with. Carr writes that a virus is created every 8 seconds.
There are human costs, too. One U.S. serviceman's identity was stolen, one of the many thousands of identities stolen every year, and used to register a terrorist website. Unfortunately, Carr does not provide more information about this incident, or more information about the individuals involved in many of the other incidents, making the book less appealing for its lack of human stories.