INTRODUCTION Why Write a Book about Cybersecurity and Cyberwar? Why Is There a Cybersecurity Knowledge Gap, and Why Does It Matter? How Did You Write the Book and What Do You Hope to Accomplish? PART I: HOW IT ALL WORKS The World Wide What? Defining Cyberspace Where Did This "Cyber Stuff" Come from Anyway? A Short History of the Internet How Does the Internet Actually Work? Who Runs It? Understanding Internet Governance On the Internet, How Do They Know Whether You Are a Dog? Identity and Authentication What Do We Mean by "Security" Anyway? What Are the Threats? One Phish, Two Phish, Red Phish, Cyber Phish: What Are Vulnerabilities? How Do We Trust in Cyberspace? Focus: What Happened in WikiLeaks? What Is an Advanced Persistent Threat (APT)? How Do We Keep the Bad Guys Out? The Basics of Computer Defense Who Is the Weakest Link? Human Factors PART II: WHY IT MATTERS What Is the Meaning of Cyberattack? The Importance of Terms and Frameworks Whodunit? The Problem of Attribution What Is Hactivism? Focus: Who Is Anonymous? The Crimes of Tomorrow, Today: What Is Cybercrime? Shady RATs and Cyberspies: What Is Cyber Espionage? How Afraid Should We Be of Cyberterrorism? So How Do Terrorists Actually Use the Web? What about Cyber Counterterrorism? Security Risk or Human Right? Foreign Policy and the Internet Focus: What Is Tor and Why Does Peeling Back the Onion Matter? Who Are Patriotic Hackers? Focus: What Was Stuxnet? What Is the Hidden Lesson of Stuxnet? The Ethics of Cyberweapons "Cyberwar, Ugh, What Are Zeros and Ones Good For?": Defining Cyberwar A War by Any Other Name? The Legal Side of Cyber Conflict What Might a "Cyberwar" Actually Look Like? Computer Network Operations Focus: What Is the US Military Approach to Cyberwar? Focus: What Is the Chinese Approach to Cyberwar? What about Deterrence in an Era of Cyberwar? Why Is Threat Assessment So Hard in Cyberspace? Does the Cybersecurity World Favor the Weak or the Strong? Who Has the Advantage, the Offense or the Defense? A New Kind of Arms Race: What Are the Dangers of Cyber Proliferation? Are There Lessons from Past Arms Races? Behind the Scenes: Is There a Cyber-Industrial Complex? PART III: WHAT CAN WE DO? Don't Get Fooled: Why Can't We Just Build a New, More Secure Internet? Rethink Security: What Is Resilience, and Why Is It Important? Reframe the Problem (and the Solution): What Can We Learn from Public Health? Learn from History: What Can (Real) Pirates Teach Us about Cybersecurity? Protect World Wide Governance for the World Wide Web: What Is the Role of International Institutions? "Graft" the Rule of Law: Do We Need a Cyberspace Treaty? Understand the Limits of the State in Cyberspace: Why Can't the Government Handle It? Rethink Government's Role: How Can We Better Organize for Cybersecurity? Approach It as a Public-Private Problem: How Do We Better Coordinate Defense? Exercise Is Good for You: How Can We Better Prepare for Cyber Incidents? Build Cybersecurity Incentives: Why Should I Do What You Want? Learn to Share: How Can We Better Collaborate on Information? Demand Disclosure: What Is the Role of Transparency? Get "Vigorous" about Responsibility: How Can We Create Accountability for Security? Find the IT Crowd: How Do We Solve the Cyber People Problem? Do Your Part: How Can I Protect Myself (and the Internet)? CONCLUSIONS Where Is Cybersecurity Headed Next? What Do I Really Need to Know in the End?
P.W. Singer is Director of the Center for 21st Century Security and Intelligence at the Brookings Institution. Allan Friedman is a Visiting Scholar at the Cyber Security Policy Research Institute, School of Engineering and Applied Sciences at George Washington University.
"...an impressive tour de force, Cybersecurity and Cyberwar gives us actual case studies, insider interviews, bizarre trivia, and a lot of dramatic statistics to help demystify the danger, and there is real danger. The timely book brings thoughtful, witty, and balanced analysis to this very important emerging discussion...it's a book I wish I had written." --Patrick Lin, The Atlantic "If you're completely ignorant about malware and cyberattacks, this is the book for you. And if you think you know a lot about these topics, this is still the book for you. It's thorough, exhaustive, and easy to read...extremely approachable." --Mashable "In confronting the cybersecurity problem, it's important for all of us to become knowledgeable and involved. This book makes that possible -- and also fascinating. It's everything you need to know about cybersecurity, wonderfully presented in a clear and smart way."--Walter Isaacson, author of Steve Jobs "If you read only one book about 'all this cyberstuff,' make it this one. Singer and Friedman know how to make even the most complicated material accessible and even entertaining, while at the same time making a powerful case for why all of us need to know more and think harder about the (cyber)world we know live in."--Anne-Marie Slaughter, President, the New America Foundation "Singer and Friedman blend a wonderfully easy to follow FAQ format with engaging prose, weaving explanations of the elements of cybersecurity with revealing anecdotes. From the fundamentals of Internet architecture to the topical intrigue of recent security leaks, this book provides an accessible and enjoyable analysis of the current cybersecurity landscape and what it could look like in the future."--Jonathan Zittrain, Professor of Law and Professor of Computer Science at Harvard University, and author of The Future of the Internet-And How to Stop It "Singer and Friedman do a highly credible job of documenting the present and likely future risky state of cyber-affairs. This is a clarion call."--Vint Cerf, "Father of the Internet," Presidential Medal of Freedom winner "I loved this book. Wow. Until I read this astonishing and important book, I didn't know how much I didn't know about the hidden world of cybersecurity and cyberwar. Singer and Friedman make comprehensible an impossibly complex subject, and expose the frightening truth of just how vulnerable we are. Understanding these often-invisible threats to our personal and national security is a necessary first step toward defending ourselves against them. This is an essential read."--Howard Gordon, Executive Producer of 24 and co-creator of Homeland "In our digital age, the issues of cybersecurity are no longer just for the technology crowd; they matter to us all. Whether you work in business or politics, the military or the media-or are simply an ordinary citizen-this is an essential read."--Eric Schmidt, Executive Chairman, Google "This is the most approachable and readable book ever written on the cyber world. The authors have distilled the key facts and policy, provided sensible recommendations, and opened the debate generally to any informed citizen: a singular achievement. A must read for practitioners and scholars alike."--Admiral James Stavridis, U.S. Navy (Ret), former Supreme Allied Commander at NATO "This book may interest and be appreciated by anyone seeking a better understanding of cyber threats" -CHOICE