Jeffrey Carr's new book, Inside Cyber Warfare came out late last year and is an interesting resource for the cyber researcher. If you are familiar with the Grey Goose Reports I and II and have been reading Jeff's blog at IntelFusion, then a lot of the material will look familiar.
The book covers a lot of ground (pretty much all of it), but this is also its weakness. The principle of universality vs effectiveness states that there can't be both at the same time. Therefore, the book feels at times like a train ride - interesting scenery is rushing by, but you do not catch the full richness of it, just glimpses.
I found the Grey Goose Reports an interesting read, although somewhat rough around the edges. Granted, they were done under serious time constraints and included input from many people, so it was to be expected. I'm glad to see that Jeff has polished away a lot of that.
Jeff goes through a host of examples of recent cyber conflicts, specifically looking at potential state-sponsored events like the Russia-Georgia (cyber) conflict of 2008. He includes a lot of small facts and stories that may not have caught your attention before, so it pays to read the book instead of just scanning over it quickly.
On the other hand, however, I find that the biggest problem with Grey Goose and this book is that in the end, they are just stories with a plausible explanation. To me, there is still no concrete PROOF of state involvement in Georgia 2008, even though there are a thousand circumstantial evidence arrows pointing at it. So we are stuck with the attribution question, again.
This brings me back to my own research - understanding "independent" online cyber militia and looking for ways to deal with the phenomenon. I'll have a post on some potential tactics soon.
As I said above, the book definitely contains a lot of interesting information and may provide you with the interesting fact or angle that was missing, if you are researching cyber conflicts. So, if you get the chance, read it.
The book covers a lot of ground (pretty much all of it), but this is also its weakness. The principle of universality vs effectiveness states that there can't be both at the same time. Therefore, the book feels at times like a train ride - interesting scenery is rushing by, but you do not catch the full richness of it, just glimpses.
I found the Grey Goose Reports an interesting read, although somewhat rough around the edges. Granted, they were done under serious time constraints and included input from many people, so it was to be expected. I'm glad to see that Jeff has polished away a lot of that.
Jeff goes through a host of examples of recent cyber conflicts, specifically looking at potential state-sponsored events like the Russia-Georgia (cyber) conflict of 2008. He includes a lot of small facts and stories that may not have caught your attention before, so it pays to read the book instead of just scanning over it quickly.
On the other hand, however, I find that the biggest problem with Grey Goose and this book is that in the end, they are just stories with a plausible explanation. To me, there is still no concrete PROOF of state involvement in Georgia 2008, even though there are a thousand circumstantial evidence arrows pointing at it. So we are stuck with the attribution question, again.
This brings me back to my own research - understanding "independent" online cyber militia and looking for ways to deal with the phenomenon. I'll have a post on some potential tactics soon.
As I said above, the book definitely contains a lot of interesting information and may provide you with the interesting fact or angle that was missing, if you are researching cyber conflicts. So, if you get the chance, read it.