The Basics of Cyber Warfare

Steve Winterfeld and Jason Andress

Published by






Reviewed by

George Williams MBCS CITP


8 out of 10

Subtitled ‘Understanding the Fundamentals of Cyber Warfare in Theory and Practice’, this short nine-chapter book, jointly authored by two highly experienced military and commercial security experts, covers the subject in some depth across a mere 140 pages.

Conveniently, the introductory chapter provides a précis of how the other chapters in the book are organised, which makes it easy for the reader to dip into specific topics.

Disappointingly, in the opening chapter, the VeriSign Threatscape Map, designed to show the different components in the cyber environment and how they interact, was so poorly reproduced in my review copy as to be almost illegible.

The book’s content is very much dominated by the military contributor, and takes the majority of its findings from the US military experience, so much so as to become achingly repetitive and, to be frank, a turn-off. Though if you like your three-letter acronyms in generous dollops, then this is the book for you.

Chapter 4, which focuses on tools and techniques, is eye-opening - looking at logical and physical weapons. The former are the tools and software programs used in a cyber warfare context, which are not conceptually different from the tools used in everyday penetration testing of applications, systems and networks, except that the intent and the impact of their use are often greatly increased in a cyber warfare scenario.

On the physical side the authors maintain that, given the ease of constructing backup systems on a variety of infrastructures, it is entirely possible that multiple systems would need to be taken down to remove the cyber capability of an opponent. An attack as simple as setting the IP address on a device to will disable its functionality quite handily!

The book is extremely well researched - each chapter refers out to a substantial list of references. The book concludes with a look at where cyber warfare is heading, and includes a useful index.

For me, the most useful item of information in the book is the answer to the question most often asked after discussing the cyber threatscape, which is ‘How should we protect ourselves at home?’ The answer is ‘safe behaviours’, including firewall, up-to-date antivirus, patching all applications, keeping private and financial data on a removable hard drive that is only connected when it needs to be used, and backing up valuable data to a place that will not be destroyed if the system is stolen or destroyed.

In conclusion, I was hoping for an enjoyable and interesting read. In reality, despite being only 140 pages in length, this book is hard work and best digested a few chapters at a time. But stick with it, and you will be amazed at the military mindsets and what potentially is happening out there - without your knowledge!

Further information: Syngress

October 2013