This Post Has 7 Comments

1. Holland grinds to a halt
   Let’s strike the word “war” from the title. It’s undoubtedly good for selling numbers, but also sounds like science fiction. If this puts off people it’s aimed at from reading this book, it would be a shame. This book poses threats and vulnerabilities from and to cyber space to decision makers, cyber security officers, law enforcers, military, governments, industry and finally the public at large. What Clarke does, is give everyone a choice: do you want to be more cyber secure or run the risk of being vulnerable? He boots it with a possible plan to go.Imagine Holland grinding to a haltAs a joke I always tell people to imagine all the bridges in the Netherlands (we have a lot of water(ways) so a lot of bridges) to simultaneously open without warning. Cars would drive into the water and each other, trains may derail and dive head first, destroying the bridge along the way, blocking water ways for ships, the roads for cars and killing thousands. All this from a cleverly installed piece of software, that also happens to make closing the bridges through the network impossible. Could this happen? If I can imagine it, I’d say most likely.Hacks and espionageCyber war gives many of these examples and a few that actually have happened or are installed, so in place, to happen. All the cyber espionage and hacking into government and commercial systems reported on in the news papers recently prove this. The discussion whether a major cyber incident will ever happen or not, to me is moot. It could happen, so who wants to run the risk of it ever happening if one could prevent it?The pitfallIf Clarke tries to teach us something it is that governments together with industry need to move. He does this convincingly and in great detail. At the same time it is the pitfall of this book also. He seems over eager, drives the points home too hard, almost begging for those responsible to do something. This stands him at risk of being dismissed as a zealot. Well, in my opinion it would be a risk to do so.The threats are very realThe threats are out there and are very real as a lot of people notice to their disadvantage every day, after being phished, when they find malware on their computer, when a company is hacked or ddossed and asked for some protection money, security spent by companies’ abuse desks and CSIRTs, etc.A compromised computer is a potential offensive weapon in the hands of …. Well, of whom really? A government? A kid in his parents attic, playing with software programs? Terrorists who found the exploit in critical infrastructure put there by someone else? ???Potential offensive weaponsI repeat it for emphases: a compromised computer is a potential offensive weapon. What is the standard response to offensive weapons within a country that are not in the hands of its own military? Does a government send the local constable to look into it? This is what happens, if it happens at all, where bots are concerned. The local ISP is expected to clean its customers’ computers.Possible steps forwardCyber war is a courageous book. It tells the story that most people do not want to hear. It’s difficult, it’s cyber, it’s cross border, it’s owned by others. Everything government’s are not very well equipped to deal with. The book also gives a very comprehensive overview of steps governments and industry can take to protect themselves better. Some are achievable, some will be very hard going and tough negotiating. It is clear that those in office, whether public or private, face some tough choices. But we can always wait closing the well till after the calf drowned, can’t we? The choice is yours, but after this book no one can say, I didn’t know.Wout de Natris, De Natris Consult

   Reply

2. A good primer on Cyber War — if you push through the political bias
   Cyber War by Richard Clarke is a well written, informative look at what can happen in cyberspace and how a nation can be impacted by nation-states and nefarious, lone actors. The author presents hypothetical scenarios, historical development of the internet, current issues, and then he offers recommendations for avoiding full-on nation vs. nation cyber war (which can escalate into conventional war). Overall, a good read. My irritation comes from the unnecessary left-leaning political bias. If the few inflammatory sentences were removed, then the book would have a wider appeal and/or be less distracting to readers who decide to push past the repellant verbiage. Thankfully, the bias doesn’t run through the course of the entire work. About a third of the way through writing (pages 105 – 133) Clarke must have been in an emotional tizzy, as some are prone to experience, about that pesky Constitution and the limits of power placed on the federal government.Examples of the author’s liberal bias:p. 105, referencing the Marsh Commission, “Rather than focusing on right-wingers like McVeigh and Nichols or al Qaeda terrorists like those who had attached the World Trade Center in 1993, Marsh sounded a loud alarm about the internet.” — Get that? I agree with equating McVeigh and Nichols to terrorist. But to equate those on the right with terrorists…come on.p. 107, “For some reason, they did not trust that NSA would only listen in when they had a warrant (which, under George W. Bush, later proved to be true).” — I wonder what Clarke thinks of Obama’s activity or is it just a “Bush-thing.” It’s activity like this by the federal gov’t that necessitates limits on its power.p.112, “The kind of crowd that shows up for a cyber security town hall is, thankfully, more civilized than the nut jobs who showed up in 2009 at health-care town halls.” — You see, in the author’s mind, opposing big-gov’t policies (like voicing concerns about gov’t-run health care) means you’re a ‘nut job.’p. 112, “Substantively, there was little difference between the Clinton and Bush approaches, except that the Republican administration not only continued to eschew regulation, they downright hated the idea of the federal government issuing any new regulations on anything at all.” — To Clarke (and liberals in general), more gov’t control is always the answer.p. 112, “Bush’s personal understanding and interest in cyber security early in his administration were best summed up by a question… ‘What does John think?’ John was the CEO of a large information technology company and a major donor to the Bush election committee.” — So, Bush must have bowed to his donors? Maybe he recognized he should call in a subject matter expert before rendering a decision.p. 113, “Bush never saw a covert-action proposal he didn’t like.” p. 115, “It was another vulnerability of the financial sector, brought on as a result of industry successfully lobbying against government regulation, that Barack Obama was forced to focus on when he became President in 2009… With [the subprime-mortgage meltdown and the worst financial crisis since 1929], in addition to the war in Iraq, the war in Afghanistan, threating flu pandemics, health-care reform, and global warming all his attention, Obama did not focus on the cyber security.” — In other words, ‘Obama would have done the right thing but he inherited a big mess.’p. 116, “as a terrorism advisor, I used that access to pester the candidate [Obama] and his advisors about cyber war. It was not surprising to me that Obama ‘got’ the issue… Even though what they were writing was unclassified, it was of interest to China and others (including, presumably, John McCain, not that his campaign had shown much understanding of cyber technology).” — Got that? Republicans dumb…Obama, whose previous experience was community organizing, automatically “gets” cyber war. The chosen one is omniscient.p. 133, “If what we need to do to defend ourselves from cyber war opens the possibility of further gov’t abuse, we will need to do more than simply pass laws making such gov’t action illegal. That has not stopped some in the past. ([Dick]Cheney, I’m thinking of you here.)” — Because a Democrat Administration would never… oh, wait.These comments are not surprising coming from an author who “consults for ABC News” and teaches at Harvard University; bastions for liberal thinking and propaganda. In any case, if you can get past these few sections without vomiting, the other information is worth the $2.99 for the Kindle copy.

   Reply

3. This book shows what is happening via the internet and our cell phones. People are dying because of professional hackers employed by world governments, that conduct Denial of Service attacks (DoS) will precede a kinetic war of bombs and bullets. .Written in easy to understand non-technical language, and I am only at chapter 3.

   Reply

4. This book is the bee’s knees. I even could implement some quotes in my dissertation for my university course – Computer Security. To mention, I got a great mark, thanks to the new perspective Mr Clarke showed.I CANNOT stand READING… However, I seriously cannot wait to purchase Richard A Clark’s next book – “The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats”. If this next book is anything like its predecessor, I certainly would be over the moon.I would recommend this to ANYONE. This book is not hard to read, and it gives great insight to the Cyber scenarios in the modern world, including several case studies.Please… buy this now if you are on the fence. This relatively cheap book is worth every penny.

   Reply

5. A must read

   Reply

6. Pretende crear conciencia sobre la cuestión de la ciberguerra en Estados Unidos. Es demasiado EEUU-céntrico, pero que mucho… (todo el rato el discurso es nosotros vs enemigos). La parte de tratados da un poco risa (visión pelín imperialista unilateral). El resto está ok. El libro es entretenido y está bien escrito. Como introducción al tema vale. A fecha de hoy no hay muchas referencias en este ámbito.

   Reply

7. Dieses Buch beschreibt aus amerikanischer Sicht die Entwicklung der vernetzten Kommunikationstechnologie als Mittel zur Ausübung von Druck zur Erzwingung von politischen Forderungen durch Staaten, mit denen die USA schwierige politische Beziehungen unterhält. Es wird an den Beispielen aktueller (vor 2009) Cyber-Angriffe auf die USA und andere Staaten argumentiert.Der Autor geht dabei nicht / kaum auf die technischen Umsetzungen der Angriffe ein, sondern beleuchtet ausschliesslich tatsächliche und mögliche Auswirkungen auf Militär, Staat und Gesellschaft.Ich hätte mir etwas mehr “geek talk” im Buch gewünscht. Da sollte man dann aber doch lieber das “Script-Kiddie Cookbook” und die “Hackers Challenge”-Reihe heranziehen.

   Reply