Cyberwarfare is a complex topic to define. It’s a relatively new concept, and there are many ways to refer to it: cyberwar, cyber war, cyberwarfare, cyber warfare, and more. Irrespective of how one wants to spell or define it, the reality is that it is upon us. It behooves every organization and nation to have a plan to deal with it. Those that do not have one will be victims.
In The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime (No Starch Press), author Jon DiMaggio has written an interesting book that provides an overview of the new world order of cyberwarfare.
One of the earliest viruses was Yankee Doodle in 1989, which was limited to playing the song Yankee Doodle daily at 5 p.m. Thirty-three years later, the scene is radically different. Countries such as North Korea, China, and others use cyberwarfare technologies to launch attacks against their enemies’ technology systems, steal massive amounts of money from these enemies, and more.
The first half of the book details the overall issue and many examples of nation-state attacks and state-sponsored financial attacks. In many organizations, management is still in denial and thinks no nation-state would be interested in attacking them. The first four chapters provide plenty of fodder for security management to present to senior management and the board to help them understand the scope of these massive security issues.
The book spends time detailing the threat from North Korea. While most of the 26 million citizens of North Korea, or more correctly the Democratic People’s Republic of Korea (DPRK), may live in poverty, hunger, and without electricity, the country is a significant digital threat to the West. DiMaggio writes that the DPRK is a patient attacker that spends considerable amounts of time within the target’s environment before executing the financial theft phase of the attack.
In some cases, DPRK attackers spent several months observing and learning their target systems and how they connect and interact with other banking resources. Firms that don’t have appropriate defenses against attackers like the DPRK may find themselves on the receiving end of a digital attack.
Part two of the book details threat hunting and analyzing advanced cyberthreats. There are many tools that can be used for analysis and attribution. But DiMaggio cautions that this is not a trivial endeavor and notes that far too many companies and countries have jumped the gun on attribution, blaming the wrong perpetrator and later regretting it.
For those looking for a guide to help them understand the new world of cyberwar, The Art of Cyberwarfare provides readers with a good overview of this expanding threat and what they can do to avoid being victims.