LEADER 06401nam 2200505 450
001 996499855403316
005 20230330213151.0
010 $a9783030972998$b(electronic bk.)
010 $z9783030972981
035 $a(MiAaPQ)EBC7143441
035 $a(Au-PeEL)EBL7143441
035 $a(CKB)25402004600041
035 $a(PPN)266351883
035 $a(EXLCZ)9925402004600041
100 $a20230330d2022 uy 0
101 0 $aeng
135 $aurcnu||||||||
181 $ctxt$2rdacontent
182 $cc$2rdamedia
183 $acr$2rdacarrier
200 10$aCyberwarfare $ethreats to critical infrastructure /$fKristan Stoddart
210 1$aCham, Switzerland :$cSpringer,$d[2022]
210 4$d©2022
215 $a1 online resource (550 pages)
225 1 $aPalgrave studies in cybercrime and cybersecurity
311 08$aPrint version: Stoddart, Kristan Cyberwarfare Cham : Springer International Publishing AG,c2022 9783030972981
320 $aIncludes bibliographical references and index.
327 $aIntro -- Acknowledgments -- Contents -- Abbreviations and Concepts -- List of Figures -- 1 Introduction -- Cyberwar and Critical Infrastructure -- The Threat Actors -- The Cyber Context: States as Targets and Attackers -- Cybercriminals and Their Usefulness as 'Proxies' and 'Privateers' -- The Threat Landscape -- Machine Learning, Artificial Intelligence, and High Performance (Quantum) Computing -- Critical Infrastructure: ICS and SCADA -- Subdue the Enemy Without Fighting -- Cyber: The Fifth Domain of Warfare -- A Short Guide to Terminology -- Malware -- Cyber Forensics -- Overview -- Notes -- 2 On Cyberwar: Theorizing Cyberwarfare Through Attacks on Critical Infrastructure-Reality, Potential, and Debates -- Introduction -- The Fog of Cyberwar -- What Is Cyberwar(fare)? -- Cyberwar Deconstructed -- Hybrid Warfare -- International Law: JWT and the LOAC -- Rules of Engagement -- The Tallinn Manuals and the Cyberwarfare Debate -- Cyberwar Against Critical Infrastructure as a War Winner -- The Failure of Cyber Deterrence and the Attribution Problem -- Iran -- North Korea -- Policy and Debates in the United States -- The 2018 U.S. National Cyber Strategy: CISA and the Biden Administration -- The U.S. Military and 'Forward Defense' -- Conclusion -- Notes -- 3 Cyberwar: Attacking Critical Infrastructure -- Introduction -- SCADA Systems and Critical Infrastructure -- Proof-of-Concept: Aurora and Stuxnet -- The Implications of Aurora and Stuxnet -- Real-World Cases -- Electricity Generation and Distribution -- Electricity Producing Sites Include Nuclear Power Stations -- Water Treatment and Sanitation -- Dams and Reservoirs -- The Oil and Gas Industry: Rigs, Refineries, and Pipelines -- Chemical Plants -- Ports and Logistics -- Merchant Shipping -- Road and Rail -- Civil Aviation -- The Good News -- The Bad News -- Ukraine and Russia's 2022 Invasion.
327 $aConclusion -- Notes -- 4 Gaining Access: Attack and Defense Methods and Legacy Systems -- Introduction -- Common Technical Attack Methods -- Drive-by Downloads -- Watering Hole Attacks -- Man-in-the-Middle/Session HIJACKING -- Zero-Days -- Rootkits -- Remote Access Trojans (RATs) -- The Use of Mobile/Cellular Devices and Remote Access -- Script Kiddies or Nation-States? -- Common TTPs -- Counters and Defenses -- Firewalls -- Demilitarized Zones (DMZs) -- Intrusion Detection Systems (IDS): HIDS/SIDS/HIPS -- Honeypots and Honeytraps -- Signature and Behavior-Based Malware Detection -- Sandboxing -- Packet Sniffers -- Application Whitelisting -- Security Information and Event Management -- Blockchain -- Pressing the Reset -- The Zero Trust Security Model -- Legacy Systems: In-Built Vulnerabilities in Critical Infrastructure -- Legacy Systems of the U.S. Government -- Industry and the Costs of 'Keeping the Lights On' -- Patching -- Targeting Supply Chains -- Conclusion -- Notes -- 5 Hacking the Human -- Introduction -- Social Engineering -- Examples of Social Engineering -- Exploiting Cognitive and Behavioral Psychology -- Hacking the Human -- Spear Phishing -- Mitigating Spear Phishing -- Spear Phishing Attack Tools and Websites -- State Intelligence: HUMINT Beyond Social Engineering -- The 'Birds Eye' Macro View and the Micro Level of HUMINT -- Human Sources and Human Agency -- Cyber Defense and Offense -- Defending Insider Threats -- Mitigation and the Insider Threat -- Physical Security I -- Physical Security II: The CIA Triad and 'Full Disclosure' -- The Cybersecurity Workforce Deficit -- Computer Emergency Response Teams -- Cyber Threat Intelligence and the Cybersecurity Community -- Industry and Government Backed Self-Help Groups -- Conclusion -- Notes -- 6 Non and Sub-State Actors: Cybercrime, Terrorism, and Hackers -- Introduction.
327 $aOutsider Threats, Insider Threats, and Target Spotting -- Hackers, Hacking Groups, and Social Engineering -- Social Network Analysis -- SNA as a Law Enforcement and Intelligence Tool -- Terrorism -- Encryption and the Risk of 'Going Dark' -- State-Backed/State-Sanctioned Cybercrime -- Cybercriminals and States -- 'Dark Net' Markets -- Organized Crime, Ransomware, and the 'Dark Net' -- WannaCry and Petya/NotPetya -- The Cloak of Attribution: The Use of Proxy Actors by States -- Conclusion -- Notes -- 7 Conclusion -- On Cyberwarfare -- Attacking Critical Infrastructure -- Pinprick Attacks and First Strike -- Cybersecurity Defenses: Risk Management and Legacy Systems -- Hacking the Human -- Reducing Risk -- Risk Management and Resilience -- States as Advanced Persistent Threats -- The U.S. Intelligence Community and a 'Whole of Nation' Effort -- Zugzwang -- Notes -- Bibliography -- Index.
410 0$aPalgrave studies in cybercrime and cybersecurity.
606 $aComputer crimes $xPrevention
606 $aComputer networks$xSecurity measures
606 $aCyberspace operations (Military science)
615 0$aComputer crimes $xPrevention.
615 0$aComputer networks$xSecurity measures.
615 0$aCyberspace operations (Military science)
676 $a364.168
700 $aStoddart$b Kristan $01234044
801 0$bMiAaPQ
801 1$bMiAaPQ
801 2$bMiAaPQ
912 $a996499855403316
996 $aCyberwarfare$92965613
997 $aUNISA