You're reading from Cyber Warfare – Truth, Tactics, and Strategies Strategic concepts and truths to help you and your organization survive on the battleground of cyber warfare

Product type Paperback

Published in Feb 2020

Publisher Packt

ISBN-13 9781839216992

Length 330 pages

Edition 1st Edition

Tools

DeepFakes

Concepts

Cybersecurity

Author (1):

Dr. Chase Cunningham

View More author details

Table of Contents (14) Chapters

Preface

1. A Brief History of Cyber Threats and the Emergence of the APT Designator

2. The Perimeter Is Dead FREE CHAPTER

3. Emerging Tactics and Trends – What Is Coming?

4. Influence Attacks – Using Social Media Platforms for Malicious Purposes

5. DeepFakes and AI/ML in Cyber Security

6. Advanced Campaigns in Cyber Warfare

7. Strategic Planning for Future Cyber Warfare

8. Cyber Warfare Strategic Innovations and Force Multipliers

9. Bracing for Impact

10. Survivability in Cyber Warfare and Potential Impacts for Failure

11. Other Books You May Enjoy

12. Index

Appendix – Major Cyber Incidents Throughout 2019

Tit-for-Tat cyber warfare

Over the next few years, the Iranians would not simply sit idly by and take a position of non-response to the Stuxnet attacks. They quickly upped their cyber operations game and responded in kind. In 2012, Operation Cleaver, the Iranian response to Stuxnet, was launched. The targets for the operators of Cleaver included militaries, oil and gas, energy and utilities, transportation, airlines, airports, hospitals, telecommunications, technology, education, aerospace, Defense Industrial Base (DIB), chemical companies, and governments. Other cyber-attacks had been launched in retaliation for the Stuxnet attacks, namely Shamoon and Operation Ababil. These attacks were targeted at the US banking systems and Saudi Arabian oil operations. Those attacks were significant but did not result in much other than a financial hit on the banks that were targeted and the oil facilities' abilities to ship oil.

Operation Cleaver was a direct response to the Stuxnet attack, but it was not entirely the same in its actions. Where Stuxnet was focused on causing physical damage in a relatively short timeframe on the Iranian nuclear centrifuges, Cleaver was more of a long-term ploy. Operation Cleaver was grander in scale in that it targeted essentially any "low-hanging fruit" that might contain intellectual property or data that could be used to gain an economic advantage in trading by the Iranians. Everything from the US Navy/Marine Corps Intranet, known as NMCI, critical infrastructure providers, and airline operations groups to educational organizations was hit.

The Iranian malware that was used showed that they had learned lessons in malware construction and design thanks to their post-attack analysis on the Stuxnet tools. The Operation Cleaver malware attacked systems in similar veins to Stuxnet. Cleaver malware would find a vulnerable target, conduct an exploit, worm deeper into the network, and then use command and control infrastructure to funnel data out of the compromised environment.

Just as Stuxnet had packaged its exploits and leveraged the network itself to find its ultimate target, so too did Cleaver. However, where Stuxnet was an elegant clandestine piece of malware, a digital scalpel, the tooling for Cleaver was an overt packaging of open exploits that hammered away at systems and did little to conceal its tracks, a sledgehammer. Ordinary cyber security providers were able to gather instances of Cleaver malware samples and find highly evident domains and sites that were openly registered to Iranian affiliated organizations. Many analysts, as well as the US and Allied government officials, noted after the Cleaver attacks that the reasons this malware campaign was not more subtle was that it was a show of force by the Iranians.