DIKW Framework<\/h2>\n\n\n\n
The DIKW framework is presented which consists of:<\/p>\n\n\n\n
- Data: facts, ideas, metrics, signals that individually exist without explict relationships. <\/li>
- Information: Data that has attributes and relationships associated with it — ‘knowing what’<\/li>
- Knowledge: Derived inferences from the relationships contained with the Information — ‘knowing how’<\/li>
- Wisdom: Advanced knowledge and understanding computed or evaluated from the body of knowledge — ‘knowing why’<\/li><\/ul>\n\n\n\n
This DIKW understanding is interesting both in the context of Information Warfare but I also find it a good framework to apply to personal viewpoints and analysis of Information and Operational Technology (IT and OT). <\/p>\n\n\n\n
Lifecycle of cyberattack<\/h2>\n\n\n\n
In Chapter 2, the author introduces the lifecycle of a cyberattack, speaking of offensive cyber operations and the phases of identification of vulnerability access, gaining and maintaining access through a vulnerability and thirdly using access to deliver and execute a payload.<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/05\/Screen-Shot-2021-05-25-at-1.56.25-PM.png\")
Power Grid attack surface — Cyberwarfare: An Introduction to Information-Age Conflict
U.S. Department of Homeland Security and U.S. Department of Energy, Energy Sector- Specific Plan: An Annex to the National Infrastructure Protection Plan<\/em>, 2010, p. 124<\/figcaption><\/figure>\n\n\n\nWithin these attack phases, it should be noted that there is significant planning and preparation effort that is expended prior to the actual intrusion activity. <\/p>\n\n\n\n
Cyber Risk<\/h2>\n\n\n\n
In Chapter 3, the author introduces Cyber Risk and it components (loss probability and the loss consequence)<\/p>\n\n\n\n
Risk Assessement, Management, Mitigation and Quantative Analysis of risk are discussed with a final discussion of why risk analysis matters and how one should proceed with dealing with cyber risk.<\/p>\n\n\n\n
![\"\"](\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/05\/Screen-Shot-2021-05-25-at-1.58.59-PM.png\")
Risk terms and their relationship — Cyberwarfare: An Introduction to Information-Age Conflict<\/figcaption><\/figure>\n\n\n\n Legal Aspects of Cyber Warefare<\/h2>\n\n\n\n
In the next chapter the legal aspects of Cyber Warfare and Information Warfare and introduced with areas including:<\/p>\n\n\n\n
- Overview of the law of armed conflict<\/li>
- UN charter<\/li>
- Violent act of ware within the context of cyber warfare. <\/li>
- Grayzone and Hybrid Warfare. <\/li>
- Political norms and Attack attribution. <\/li><\/ul>\n\n\n\n
Chapters 5-9 provides an overview\/introduction to: <\/p>\n\n\n\n
- Digital and Wireless Communications<\/li>
- Networking<\/li>
- Networking Technology including Ethernet, Wifi and bluetooth.<\/li>
- The Internet Protocol (IP), Transport Layer protocols and Internet Infrastructure. <\/li><\/ul>\n\n\n\n
These introductions are detailed and should be consumable by a general reader and will be common knowledge to most IT professionals. <\/p>\n\n\n\n
Offensive Cyber Operations<\/h2>\n\n\n\n
Chapter 10 introduces Offensive Cyber operations by state actors providing definitions for strategy, tactics, techniques and procedures used in these operations. Background information is provided on the components that may up critical infrastructure within industry (Oil, Gas, Electrcity, Transport, Health, Water, Manufacturing and Pharmacuuticals) which typical have industrial processes that are driven using Industrial Control Systems (ICS). <\/p>\n\n\n\n
![\"\"](\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/05\/Screen-Shot-2021-05-25-at-2.01.31-PM.png\")
ICS operations — Cyberwarfare: An Introduction to Information-Age Conflict<\/figcaption><\/figure>\n\n\n\n Vulnerabilities, Attacks and Exploits of ICS are explored and the chapter provides a set of case studies that enumerates a number of attacks on ICS systems that are documented and reported in Open Source Intelligence and News sources. The attacked detailed include:<\/p>\n\n\n\n
- The Farewell Dossier.<\/a><\/li>
- The Maroochy Shire Sewage Attack.<\/a><\/li>
- Stuxnet.<\/a><\/li>
- Havex.<\/a><\/li>
- Shamoon.<\/a><\/li>
- First Ukraine power outage.<\/a><\/li>
- Second Ukraine power outage.<\/a><\/li>
- Triton.<\/a><\/li><\/ul>\n\n\n\n
A brief treatment is also provided of some ransomware attacks including:<\/p>\n\n\n\n
- Wannacry.<\/li>
- NotPetya.<\/li>
- BadRabbit.<\/li><\/ul>\n\n\n\n
In Chapter 11, the author provides a detailed discussion of Tactics, Techniques and Procedures (TTP) for Offensive cyber operations including discussing the process of an expliotation of web applications. <\/p>\n\n\n\n
Chapter 12 provides a discussion of cybersecurity in the maratine domain with Chaper 13 discussing cybersecurity in the US elections (2016)<\/p>\n\n\n\n
Final Thoughs<\/h2>\n\n\n\n
Overall, this is a good introductory text on cyberwarfare which although published in 2020 will be in need of an update based on rapid evolution of events that have ocurred in 2020 and 2021, some areas that I believe that may be future subjects for Mr. Porsche to consider are: <\/p>\n\n\n\n
- The Solarwinds compromise<\/a>, providing a mechanism for exploitation using the tools that IT departments use to operate networks. <\/li>
- The Colonial pipeline attack<\/a>, a ransomware attach that crippled a critical component of the supply chain that affected the East Coast of the US. <\/li>
- Other ransomware attacks that have crippled health care operations such as the attack on the HSE in Ireland. <\/li>
- Although not a cyberattack, the Even Given\/Suez incident<\/a> and how the worlds supply chain can be disrupted by a single vessel blocking a chokepoint in a global transport network. <\/li><\/ul>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Cyberwarfare: An Introduction to Information-Age Conflict by Isaac Porche is published by Artech House 2020 Introduction The book consisting of 13 chapters provides an introductory overview of cyberwarfare as an existing (and new) discipline. Chapter 1 introduces ‘Information and Conflict’ providing key definitions and concepts around: Information Networks and Technology Internet\/Web and the information age […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"hide_page_title":"","_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":""},"categories":[8],"tags":[31],"yoast_head":"\n
Cyberwarfare: An Introduction to Information-Age Conflict - lunarip<\/title>\n<meta name=\"description\" content=\"review of book - CyberwarfareAn Introduction to Information-Age Conflict\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyberwarfare: An Introduction to Information-Age Conflict - lunarip\" \/>\n<meta property=\"og:description\" content=\"review of book - CyberwarfareAn Introduction to Information-Age Conflict\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\" \/>\n<meta property=\"og:site_name\" content=\"lunarip\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-25T21:06:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-26T16:21:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/05\/Screen-Shot-2021-05-25-at-1.56.25-PM.png\" \/>\n<meta name=\"author\" content=\"kevin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"kevin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\"},\"author\":{\"name\":\"kevin\",\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b\"},\"headline\":\"Cyberwarfare: An Introduction to Information-Age Conflict\",\"datePublished\":\"2021-05-25T21:06:04+00:00\",\"dateModified\":\"2021-05-26T16:21:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\"},\"wordCount\":759,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b\"},\"keywords\":[\"Cyber\"],\"articleSection\":[\"Review\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\",\"url\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\",\"name\":\"Cyberwarfare: An Introduction to Information-Age Conflict - lunarip\",\"isPartOf\":{\"@id\":\"https:\/\/www.lunarip.com\/#website\"},\"datePublished\":\"2021-05-25T21:06:04+00:00\",\"dateModified\":\"2021-05-26T16:21:19+00:00\",\"description\":\"review of book - CyberwarfareAn Introduction to Information-Age Conflict\",\"breadcrumb\":{\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.lunarip.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cyberwarfare: An Introduction to Information-Age Conflict\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.lunarip.com\/#website\",\"url\":\"https:\/\/www.lunarip.com\/\",\"name\":\"lunarip\",\"description\":\"min(e|d) tailings of a neural net running on a 100w carbon system\",\"publisher\":{\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.lunarip.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b\",\"name\":\"kevin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/03\/Sun_and_Moon_Nuremberg_chroniclex4.png\",\"contentUrl\":\"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/03\/Sun_and_Moon_Nuremberg_chroniclex4.png\",\"width\":970,\"height\":238,\"caption\":\"kevin\"},\"logo\":{\"@id\":\"https:\/\/www.lunarip.com\/#\/schema\/person\/image\/\"},\"sameAs\":[\"https:\/\/www.lunarip.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cyberwarfare: An Introduction to Information-Age Conflict - lunarip","description":"review of book - CyberwarfareAn Introduction to Information-Age Conflict","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/","og_locale":"en_US","og_type":"article","og_title":"Cyberwarfare: An Introduction to Information-Age Conflict - lunarip","og_description":"review of book - CyberwarfareAn Introduction to Information-Age Conflict","og_url":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/","og_site_name":"lunarip","article_published_time":"2021-05-25T21:06:04+00:00","article_modified_time":"2021-05-26T16:21:19+00:00","og_image":[{"url":"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/05\/Screen-Shot-2021-05-25-at-1.56.25-PM.png"}],"author":"kevin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"kevin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#article","isPartOf":{"@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/"},"author":{"name":"kevin","@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b"},"headline":"Cyberwarfare: An Introduction to Information-Age Conflict","datePublished":"2021-05-25T21:06:04+00:00","dateModified":"2021-05-26T16:21:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/"},"wordCount":759,"commentCount":0,"publisher":{"@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b"},"keywords":["Cyber"],"articleSection":["Review"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/","url":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/","name":"Cyberwarfare: An Introduction to Information-Age Conflict - lunarip","isPartOf":{"@id":"https:\/\/www.lunarip.com\/#website"},"datePublished":"2021-05-25T21:06:04+00:00","dateModified":"2021-05-26T16:21:19+00:00","description":"review of book - CyberwarfareAn Introduction to Information-Age Conflict","breadcrumb":{"@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.lunarip.com\/index.php\/cyberwarfare-introduction-to-information-age-conflict\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.lunarip.com\/"},{"@type":"ListItem","position":2,"name":"Cyberwarfare: An Introduction to Information-Age Conflict"}]},{"@type":"WebSite","@id":"https:\/\/www.lunarip.com\/#website","url":"https:\/\/www.lunarip.com\/","name":"lunarip","description":"min(e|d) tailings of a neural net running on a 100w carbon system","publisher":{"@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.lunarip.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/045a7b3f30cfedf6967672ed5c91bb5b","name":"kevin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/image\/","url":"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/03\/Sun_and_Moon_Nuremberg_chroniclex4.png","contentUrl":"https:\/\/www.lunarip.com\/wp-content\/uploads\/2021\/03\/Sun_and_Moon_Nuremberg_chroniclex4.png","width":970,"height":238,"caption":"kevin"},"logo":{"@id":"https:\/\/www.lunarip.com\/#\/schema\/person\/image\/"},"sameAs":["https:\/\/www.lunarip.com"]}]}},"_links":{"self":[{"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/posts\/159"}],"collection":[{"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/comments?post=159"}],"version-history":[{"count":3,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/posts\/159\/revisions"}],"predecessor-version":[{"id":167,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/posts\/159\/revisions\/167"}],"wp:attachment":[{"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/media?parent=159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/categories?post=159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lunarip.com\/index.php\/wp-json\/wp\/v2\/tags?post=159"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}} - The Colonial pipeline attack<\/a>, a ransomware attach that crippled a critical component of the supply chain that affected the East Coast of the US. <\/li>
- The Solarwinds compromise<\/a>, providing a mechanism for exploitation using the tools that IT departments use to operate networks. <\/li>
- The Maroochy Shire Sewage Attack.<\/a><\/li>
- The Farewell Dossier.<\/a><\/li>