The Art of Cyberwar - Book I: Water r1.1
Bear with me please as this will be written in pieces and updated constantly. If any publishers are interested, you are free to contact me for a volume on modern cyber warfare ... not just my thoughts and conclusions but those of former and retired USSOCOM personnel, TLAs (NSA ROC/TAO/ANO), associated entities - e.g. GCHQ, Unit 8200 IDF, Nork (KN - Noko) cyber brigades defectors, BND and Bundeswehr units, perhaps even some insight into MSS and MPS as well as PLA units and of course FSB and SVR (16th KGB Directorate and 8th Main Directorate - FAPSI was created from the 8th Main Directorate (Government Communications) and 16th Directorate (Electronic Intelligence) of the KGB), SORM system users, etc.
Cyber and data are like the ocean and lakes and rivers. Business and government and individuals - we all swim in it and need it although it is polluted, infected and infested by parasites and virii (evilsoft and malware), and predators, and kraken, sea serpents, and gill men and ondines and water dragons and the ancient inhabitants of the lost city of R'lyeh.
Water flows and allows transport of data, information, ships of commerce, trade, finance, education, and perhaps an end and means to end human loneliness and isolation. Pure water nourishes us, feeds crops and animals, turns deserts into farms and cities and forests. Without water nothing lives or flourishes and grows.
Water trapped with earth provides electricity, which is water bound with fire. Book II is about earth, including the 'great vurms'. Book III is about fire (fire worms and fire elementals) and Book IV is about air (yes, like the airbender series, as it teaches elemental martial philosophy and in a way that children like and appreciate :) so simple that a child gets it :D). Air ... clouds, doncha knows ;) :D.
Water flows and yet can be ice that crushes great ships or vapour that blinds and wrecks vessel traffic or currents that drag ships and men to the deeps without a trace.
We will touch on psyOps, information warfare, cyOps traditional attack patterns - e.g. Skeletor and other DoA (denial of access and 'dead on arrival') attacks and why they are a 'step' above DDoS attacks, and near future Caprica attack scenarios as third part of the cyber triad, sciOps.
Music to muse and think by - https://www.youtube.com/watch?v=N7ZhQ-W4eDE, on loop.
Chapter the first - Cyberwar "why we fight"
Warning: Writing this in 'flow' mode so don't, repeat do not, expect tight structure and closely aggregated thoughts, rather more loosey goosey and arbitrarily random.
This is not meant to be a tactical manual or a cookbook primer on cyberwar techniques and TTPs, rather 'a way' of thinking and cyberwar philosophy in the way that Sun Tzu wrote his classic text - no 'sources and methods' either, although I may 'delve' into speculative scenarios like Caprica level attack scenarios as professional officer level thought exercises and 'prep' training tool.
I will emphasize the strategic over the tactical as this is meant for a non-technical and leadership audience rather than evilsoft module design using "________" fill in the blank, e.g. metasploit, eternalblue, stuxnet, dirty cow, madcow, mirai, super mirai, reaper, skeletor, cyber terminator, etc. tools, scripts, codes, packages, and payloads, etc.
So this is meant for 'generals' but also 'sergeants and j.o. level' and anyone else in between. No or not much 'expertise' needed and no need to bow to 'data priests' nor to kiss the rings (or other 'parts' :D) of 'security/securitay cardinals'.
Postulate the beginning:
1) Cyber WMD/weapons. "richman, poorman, beggarman, thief" For the richman - nukes, for the poorman - chemical, radiological and biological, for the beggarman and thief - evilsoft and malware.
2) In modern cyber security or cyberwar for that matter, it's People Process Operations, in that order and in that priority.
2a) Amateurs study technology, professionals study people.
Technology is too ephemeral and becomes obsolete or superseded or deprecated so quickly that dependence on tech is a weakness, or "you arm the man, you don't man the weapon" - our CEO.
Lesson of the A6M Zero and the F4F Wildcat, then the F6F Hellcat and then the F8F Bearcat (Focke-Wulf Fw 190). There is always a newer and faster 'gunfighter', always.
Continuous improvement and iterative spiral development in response to rapidly changing conditions in the '5th dimension' of cyber digital conflict.
2b) If you rely on 'blinky boxes' and all your people are box tenders and process jockeys, we or someone will get inside your OODA loop, bypass your boxes, or do bad things to your company while you are staring at LEDs/displays/logs.
2c) If you do not have the right leadership who can set up the right command staff and the right team, all you will have is a glorified corporal micromanaging a fire team - almost all tactical and with no strategic comprehension/understanding of how to win a campaign, much less run a battle. You will drown in the tactically trivial and with no clue how to focus on coordinated and concerted combined arms evolutions. (did I lose you yet dear reader? :) :D )
2d) Cyber security is a team effort, as is cyberwar. A team is not a collection of random individuals assigned tasks/functionalities/boxes and working in isolation - such is securitay - Securitay (si-kyoor-i-tā’), n. Bogus, phony, ersatz, theatrical or imitation security.
"You mean, we have to take off our shoes, dump our water AND get molested, in the name of securitay." ;)
Any single individual, no matter how talented, can be overcome by the right team as quantity has a quality all its own. Good 'lab rats' can be adapted to a team of field rats/desert rats/ice rats.
3) "why we fight" - to protect spice miners from raiders, bandits, thieves as well as the giant worms. Added mission, to not only keep the spice flowing but to increase its production.
https://www.youtube.com/watch?v=1SBGbbJ8ifY
Or these two ... ;) :D - The knights begin to shine and the bears dance/tanzen ;) da beaaahs :D
and da bears discover fire. ;) :D so do the great vurms and the fire worms/fire dragons.
https://en.wikipedia.org/wiki/List_of_intelligence_agencies - each has their 'cyber departments/directorates/services'. :-o ;)
Be like water, learn to 'bend' water and shape water systems or drown in the gushing flumes and rapids that both form data lakes and spring from the,,,, and watch out for the cyber mines and cyber wolfpacks that ring the 'information harbours' and that range the digital oceans.
'Waiter, what's this squirrel doing in my cafe?' - 'The backstroke I think? Would you like some more squirrel with your cafe sir?' ;) :D
COO ISRSEC International, Ltd. CISO ISRSEC (North America)
5 years ago: https://www.dhirubhai.net/feed/update/urn:li:activity:6542424355660451841/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A6542424355660451841%2C6542437690221096960)
5 years ago: https://www.dhirubhai.net/feed/update/urn:li:activity:6535866275170709504/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A6535866275170709504%2C6535913435564171264)&replyUrn=urn%3Ali%3Acomment%3A(activity%3A6535866275170709504%2C6535934630225342464)
5 years ago: 5G - IoT ecosystems https://www.dhirubhai.net/feed/update/urn:li:activity:6530953428397551616/
5 years ago: cyber wolfpack cyberwar doctrine https://www.dhirubhai.net/feed/update/urn:li:activity:6522296248203046913/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A6520333358587801600%2C6522296128237551616)
5 years ago: Chaos, Jurassic Park, Wing Tsun style of attacks ;) What will happen when clouds and complex systems die? When the change winds blow and scream? https://www.dhirubhai.net/feed/update/urn:li:activity:6512103897954287616/?commentUrn=urn%3Ali%3Acomment%3A(activity%3A6512103897954287616%2C6512156999570976768)