Inside Cyber Warfare

Jeffrey Carr

Published by

O’Reilly

ISBN

9781449310042

RRP

$39.99

Reviewed by

Nick Dunn

Score

7 out of 10

While this book describes itself as a survey of the current cyber warfare landscape, it would be more correct to describe it as a guide for US citizens and security practitioners.

The author is a consultant to the US government and also runs Project GreyGoose, meaning that the book focusses very much on US concerns and is less useful to readers from Britain, Australia and other English-speaking countries despite its availability throughout these areas.

A lot of work and research have clearly been done and the chapters cover different cyber attack types and technologies, the capabilities of various nations and an examination of recent attacks (or alleged attacks, to be more correct).

The large number of references and citations provide a lot of confidence in what is being said, but many statements are also made with no evidence presented, leaving the reader wondering what they are based on.

There are technical sections covering different types of attack and the weaponisation of malware, which gets a good balance between providing sufficient technical detail without alienating the reader.

The author’s background means that the book does not serve as an impartial survey of cyber warfare as a whole, but more as a description of the USA’s adversaries. For instance, the Stuxnet malware, used to attack Iranian nuclear systems was an extremely unusual piece of software, suspected to have had US and/or Israeli origins.

It might be expected to have a section or even a chapter devoted to it. However, it is ignored other than a brief mention, while less sophisticated attacks, which have been attributed to Russia and China have entire chapters devoted to them. Likewise, Iran is not discussed as a country at risk from cyber attack, although its ability to attack the West is discussed over several pages.

This is not being said with the intention of sounding too critical. As a guide to cyber warfare for US citizens, the book is an excellent reference, although anyone working in this field outside the US will probably only find a use for it as a guide to current US thinking or as part of a wider library.

Further information: O'Reilly

April 2012