Begin Your Journey With Cyberwar: The Next Threat To National Security What To Do About It Originated By Richard A. Clarke Ready In Physical Edition

on Cyberwar: The Next Threat to National Security What to Do About It

Blog Terebrate review of this book: sitelink ly/VSvY

Executive Summary:

I recommend this book. It is essential to the cyber warrior who needs to understand the historical context around the evolution of defending any nation in cyber space.
For international policy makers, it is a good place to start for a real discussion about substantive policies that the international community should consider.
For the commercial security folks, read this book if you want insight into how government policy makers frame the problem and what they would want to implement if they could.
Even if you do not agree with the policies, you will understand what they want. Clarke and Knake discuss the nature of cyber warfare, cyber espionage, cyber crime and cyber terrorism and provide specific examples of cyber warfare and cyber espionage.


Since, a plethora of books have hit the market that discuss the issue of cyber warfare. Here are just a few:

Apr: Cyberpower and National Security (National Defense University) by Franklin D. Kramer, Stuart H. Starr and Larry Wentz

Nov,: Cyberdeterrence and Cyberwar by Martin C. Libicki

Jan,: Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr

Apr,: Cyber War: The Next Threat to National Security and What to Do About It by Richard A. Clarke and Robert Knake

Jul,: Surviving Cyberwar by Richard Stiennon

Jun,: Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners by Jason Andress and Steve Winterfeld

Sep,: America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare by Joel Brenner

I have read two, Winterfeld's and now Clarke's, and I am working my way down the list, but I wanted to read this one sooner than later because of Clarke's background.
Before he retired from government service, he served three different US Presidents: the Special Assistant to the President for Global Affairs, the National Coordinator for Security and Counterterrorism and the Special Advisor to the President for Cyber Security.
Besides, I just finished reading his novel “Breakpoint,” about a significant cyber threat to the US and thought he got most of the technical stuff right.
I figured he might have something smart to say about Cyber War.

Clarke and Knake published this in April, just months short of when the public became aware of STUXNET. Some of the things he suggests for ways forward suffer because of that game-changing event, but for the most part, I like what he brings to the table.
But because of his background, this book is about policy and not really about how a nation might deploy assets in a cyber war.
Specifically, it is about what the US should consider adopting going forward when considering the implications of an all-out cyber war.

He starts with a history of cyber events to demonstrate why we need the policy. He covers the usual suspects and adds one or two of which I had not previously heard:

CND: Eligible Receiver: US Red Team exercise that showed how vulnerable the DOD is to cyber attack.


Espionage: Moonlight Maze: Massive government and government-contractor data exfiltration traced back to a Russian mainframe (attribution: likely Russian government).

Warfare: “Unrestricted Warfare” Book by Chinese military leaders that crystalizes China's thoughts on asymmetric warfare.

Espionage: Titan Rain: Widespread compromise and data exfiltration of US government and US-government-contractor systems (attribution: likely Chinese government).

Warfare: US Compromise of Iraq Email System prior to launch of Iraq War.

Warfare: DDOS attack against Estonia (attribution: likely Russian government).

Warfare: US-Israeli DOS attack against Syrian Air Defense Systems.

Warfare: DDOS attack against Georgia (attribution: likely Russian government).

Warfare: DDOS attack against US and South Korean targets (attribution: likely North Korean government).

Notice that some of these events are not really about cyber warfare at all. Two are strictly cyber espionage related (Moonlight Maze and Titan Rain). One is purely Computer Network Defense (Eligible Receiver). Some (Estonia and Georgia) just barely meet Clarke's cyber warfare definition:

“The term “cyber war” refers to actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption.”


But all of these events have shaped Clarke's thoughts on what to do about cyber warfare. “Eligible Receiver” proved that DOD networks are vulnerable. Even after a decade, you could make the case that DOD networks are as porous today as they were back in. “Moonlight Maze” was the proverbial wake-up call though. A year before the Chinese figured out what Asymmetry is, somebody from Russia broke into a large number of government systems and stole truckloads of data.
I believe this is the first documented public cyber espionage case. A year later, the Chinese crystalized their thoughts about how useful asymmetry might be in a coming conflict with the US.

The Chinese watched how successful the Americans were in the first Iraq war but also how dependent on technology the US Army was in its efforts.
Chinese military leaders believed that a nation that was not as strong militarily (China) could leverage an existing asymmetry by concentrating on defeating the technology first and not the tanks, aircraft carriers and fighter jets that they were no match for.
According to dictionary.com, Asymmetry means a “Disproportion between two or more like parts.” Clarke says that when a nation sits on the high end of that equation (the US, for example), they have a high degree of “cyber dependence.”
In other words, that nation depends greatly on cyber for it to function. If that is out of balance, an asymmetric advantage develops and cyber defense is more important than cyber offense.

The Chinese wanted to take advantage of that and published their first thoughts about the idea in that “Unrestricted Warfare” book.
Four years later, “Titan Rain” proved again how weak the DOD networks were and how successful the Chinese had been in pursuing their asymmetric vision.


From there, Clarke describes examples of how various nation states have experimented with Cyber Warfare in the past: US, Russia, Israel and North Korea.
With this history lesson complete, Clarke makes the case that the US defenses against these kinds of attacks are weak, both for government networks and for commercial networks, and spends the rest of the book talking about what should be done about it.


Clarke's bottom line is that, painful as it might be, the US will require sweeping new laws, regulations and policy in order to protect the nation from this threat.
He points out that Cyber Command is responsible for defending the DOD networks and that the Department of Homeland Security is responsible for protecting the non-DOD government networks.
Nobody is responsible for protecting the commercial side. That seems shortsighted when you lay it out like that, but in truth, the commercial side really wants no part of US government help when it comes to defending their own networks.
Let's face it, the government's track record is not that good. About the only thing the commercial side wants from the government is their intelligence feed. This standoff between the US government and the commercial sector has been going on for well over a decade. Clarke's point is that enough is enough. Tough decisions are required. He proposes the Defense Triad Strategy:

1. Secure the US Backbone
2. Secure the US Power Grid
3. Install security best practices on all government networks (NIPRNET/SIPRNET/JWICS)

I totally agree with the first one.
Today, the US internet is a conglomeration of commercial ISPs who interconnect with each other as the business need demands. Their connections to each other and to the rest of the world are based on business decisions. While all of the big ones cooperate with each other and with the US government, their first priority is to make money. If a large-scale attack on the financial system, for example, is launched from a foreign adversary, the US government has no first-hand means to monitor the situation.
They have to depend on the generosity of the commercial sector to share information. Today, most of these commercial companies willingly share with the government, but the system is inefficient and will likely not prevent the first wave of attacks.
Clarke's point is that somebody from the government should be monitoring the US cyber perimeter. Privacy advocates will scream and detractors will point out that it is equally possible to launch an attack against the food system from within the US as it is from a foreign country.
Clarke acknowledges those issues but advocates that just because they will be controversial does not mean we should not address them.

For Clarke's second point, I was a little skeptical at first. Why single out power as the first priority among different critical infrastructure sectors such as banking and food? After a little thought though, it is clear that power is the lynchpin for the entire shooting match. The reason the US is cyber dependent is because it has reliable power distributed across the entire nation. Take that out and the rest of the critical infrastructure sectors come tumbling down after it.

For his last point, it is a little sad that we have to say this. The US Government should install basic best practice security measures like need-to-know network segmentation, file encryption, and host-based intrusion detection technology across all of its networks.
The fact that the government has not done this is a little scary, but it is my experience that this is not an act of incompetence.
It really comes down to cost. The US government networks are some of the largest in the world. To install all of that technology on every laptop and computer on three different networks is not cheap. In a world of limited resources, when you compare the tradeoff between buying file encryption software to, say, buying body armor for deployed soldiers, file encryption is going to lose every time.


Clarke realizes that it is unlikely that any US leader will be able to push through these radical ideas from the start.
In order to get there, he proposes six paths that the international community should work in parallel:

1. Broad public dialog about cyber war
2. Create the Defensive Triad
3. International cooperation on Cyber Crime
4. Cyber Arms Reduction beginning
5. R&D for more secure networks
6. President is required to make decision on Computer Network Attack (CNA)

Number three is a no-brainer.
Why does the world tolerate things like spamming organizations and botnets? In my naive fantasy world, I can see world leaders, perhaps sitting around the negotiating table at the UN, deciding that these kinds of things will not exist and whenever one is discovered, every nation pitches in to dismantle them.
OK, so this might not be realistic, but I think there is a lot more common ground here than there is disagreement.

For cyber arms reduction, Clarke comes from the nuclear world and it makes sense that he would try to apply the successes that world has achieved in the cyber space arena.
I am not quite sure what would come of those discussions, especially since the US has decided that Computer Network Attack (see Stuxnet) is a viable middle ground to influencing nations in the Middle East as compared to deploying troops or dropping bombs, but perhaps the international community can agree on big ticket items like not attacking each other's power grids.
But, by all means, let's bring the leaders to the table and see what comes of it.

For number three (Cyber arms reduction) and number four (presidential decision making), this is where Clarke did not benefit from knowing about Stuxnet prior to publishing his book.
For the attacks against the Iranian uranium enrichment facility, President Bush moved the operation under Title authority (the intelligence channels). Using something called Presidential Findings, the US President is authorized to approve covert missions. These cyber operations fall loosely into the same legal category as drone operations in the Middle East and the assassination of Osama Bin Laden in Pakistan.
A Presidential Finding is a written description of a covert action that must be shared with the appropriate intelligence committees in Congress. They describe influence actions against political, economic or military objectives. The good news is that one of the six parallel paths on Clarke's list is already done.

I have one side note to discuss before I finish this review. Clarke describes how the US Air Force, Navy and Army have progressed in the cyber arena since “Moonlight Maze.” He was not kind to the US Army: "If the Army sounds like the least organized of the services to fight cyber war, that is because it is."
Some of you may know that my last job in the Army was running the Army Computer Emergency Response Center (ACERT) right around the Titan Rain timeframe.
My job was to coordinate actions across the cyber spectrum: Defense, Exploitation and Attack. When I was there, we were breaking new ground trying to figure out how to operate in this new space. General Alexander, now the NSA Director and the commander of Cyber Command, was my senior rater. Some of the things he is doing at the national level at Cyber Command, he experimented first as the INSCOM Commander in charge of the ACERT.
I admit that hearing that the Army has fallen so far behind the other services in this arena stings a bit. To be fair though, the Army has been fighting two land wars in the Middle East for the past decade. Their leadership may have had one or two other pressing issues to worry about than developing their cyber capability.

I recommend this book. At the very least, an open and frank discussion of Clarke's six parallel paths between international government leaders and commercial business leaders would not be a bad thing.
Nothing can happen if we do not put everything on the table and discuss it. We can use Clarke's book to get the conversation started.

Sources:

“Bio: Richard A. Clarke,” Cyber War by Richard A. Clarke and Robert K. Knake, Last Visited: January
sitelink richardaclarke.net/bio.php

“Book : “Breakpoint” by Richard Clarke,” By Rick Howard, Terebrate, Jan, Last Visited January
sitelink blogspot.com

“A Declaration of CyberWar” by Michael Gross, Vanity Fair, April, Last Visited January
sitelink vanityfair.com/culture/fea

“Cyberwar Timeline,” By Mark Clayton, The Christian Science Monitor, March, Last Visited January
sitelink csmonitor.com/USA

“Cyberattack Moonlight Maze Reveals Cracks in U.S. Defense,” By Elinor Abreu, PCWorld, May, Last Visited January
sitelink pcworld.com/article

“Cyberwar Timeline,” By Frontline, April, Last Visited January
sitelink pbs.org/wgbh/pages/frontli

“Establishing a Cyber Warfare Doctrine,” By Andrew Colarik and Lech Janczewski, Journal of Strategic Security, Volume, Issue, pg,, Last Visited January
sitelink usf.edu/cgi/vie

“Inside the Chinese Hack Attack Titan Rain,” By Nathan Thornburgh, Time Magazine, August, Last Visited January
sitelink time.com/time/nation/artic

Note: I could find no other sources corroborating this fact

“Israeli skyhack switched off Syrian radars countrywide Backdoors penetrated without violence.” By Lewis Page, The Register, November
sitelink theregister.co.uk/

“North Korea launched cyber attacks, says south,” By Associated Press, The Guardian, July
sitelink guardian.co.uk/world

“Computer Spies Breach Fighter-Jet Project F,” By Siobhan Gorman, The Wall Street Journal, April, Last Visited January
sitelink darkreading.com/security/n

“Chinese Hackers Stole Plans for America's New Joint Strike Fighter Plane F, Says Investigations Subcommittee Chair,” By Christopher Groins and Pete Winn, The Wall Street Journal, April, Last Visited January
sitelink com/news/article/chine

“Asymmetry,” By Dictionary.com, Last Viewed January
sitelink reference.com/brows

Note: I got this information from an interview I conducted with a military lawyer in the fall of. That lawyer wishes to be an anonymous source.