Ben’s Book of the Month: Review of “The Art of Cyberwarfare”

Posted by Ben Rothke

Cyberwarfare is a complex topic to define. It’s a relatively new concept, and there are many ways to refer to it: cyberwar, cyber war, cyberwarfare, cyber warfare, and more. Irrespective of how one wants to spell or define it, the reality is that it is upon us. And it behooves every organization and nation to have a plan to deal with it. If not, the only alternative is that they will be a victim.


In The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime (No Starch Press), author Jon DiMaggio has written an interesting book that provides an overview of the new world order of cyberwarfare.


One of the earliest viruses was Yankee Doodle in 1989, which was limited to playing the song Yankee Doodle daily at 5 p.m. Thirty-three years later, the scene is radically different. Countries such as North Korea, China, and others use cyberwarfare technologies to launch attacks against their enemies’ technology systems, steal massive amounts of money from these enemies, and more.


The first half of the book details the overall issue and many examples of nation-state attacks and state-sponsored financial attacks. In many organizations, management is still in denial and thinks no nation-state would be interested in attacking them. The first four chapters provide plenty of fodder for security management to present to senior management and the board to help them understand the scope of these massive security issues.


The book spends time detailing the threat from North Korea. While North Korea, or more correctly the Democratic People’s Republic of Korea (DPRK), may find most of its 26 million citizens living in poverty and hunger and without electricity, the country is a significant digital threat to the West. DiMaggio writes that the DPRK is a patient attacker that spends considerable amounts of time within the target’s environment before executing the financial theft phase of the attack.


In some cases, DPRK attackers spent several months observing and learning their target systems and how they connect and interact with other banking resources. Firms that don’t have appropriate defenses against attackers like the DPRK may find themselves on the receiving end of a digital attack.


Part two of the book details threat hunting and analyzing advanced cyberthreats. There are many tools that can be used for analysis and attribution. But DiMaggio cautions that this is not a trivial endeavor and notes that far too many companies and countries have jumped the gun on attribution and later regretted blaming the wrong perpetrator.


For those looking for a guide to help them understand the new world of cyberwar, The Art of Cyberwarfare provides readers with a good overview of this expanding threat and what they can do to avoid being victims.

Ben Rothke

Senior Information Security Manager, Tapad

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.
