Start reading Cyber Warfare on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here or start reading now with a free Kindle Reading App.

Deliver to your Kindle or other device


Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners

Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners [Kindle Edition]

Jason Andress , Steve Winterfeld
3.0 out of 5 stars  See all reviews (3 customer reviews)

Print List Price: £24.99
Kindle Price: £15.21 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £9.78 (39%)
* Unlike print books, digital books are subject to VAT.

Free Kindle Reading App Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.

To get the free app, enter your e-mail address or mobile phone number.


Amazon Price New from Used from
Kindle Edition £15.21  
Paperback £16.01  
Earn a Free Kindle Book
Earn a Free Kindle Book
Buy a Kindle book between now and 31 March and receive a promotional code good for one free Kindle book. Terms and conditions apply. Learn more

Product Description


"Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines to the front lines with frequent stops in underground communities, legislative halls and anywhere hackers (ethical or otherwise) are in high demand. This book serves as a report on the current cyber state of affairs on a global scale, as a career guide to those looking to enter this burgeoning field, and, most importantly, as a reference on protecting assets that are unmistakably in the field of battle...whether intended or not."--Donald C. Donzal, Editor-In-Chief, The Ethical Hacker Network

"A fifth domain of war has been added to land, air, sea and space: cyber. Malware capable of taking a nuclear program offline was science fiction 5 years ago: Stuxnet demonstrates that information security is now a matter of national security. This timely and necessary book provides an assessment of the current state of cyber warfare, and more importantly, where the conflict is heading. Highly recommended for information security professionals." --Eric Conrad, Lead Author, CISSP Study Guide, President, Backshore Communications

Product Description

Cyber Warfare Techniques, Tactics and Tools for Security Practitioners discusses the strategic, operational, and tactical aspects of cyber warfare. The book provides information that organizations can use to develop a strategic vision for cyber security, but it is also designed to spur national debate on the direction of cyber warfare.
Starting with a definition of cyber warfare, the book’s 15 chapters discuss the following topics: the cyberspace battlefield; cyber doctrine; cyber warriors; logical, physical, and psychological weapons; computer network exploitation; computer network attack and defense; non-state actors in computer network operations; legal system impacts; ethics in cyber warfare; cyberspace challenges; and the future of cyber war.
This book is a valuable resource to those involved in cyber warfare activities, including policymakers, penetration testers, security professionals, network and systems administrators, and college instructors. The information provided on cyber tactics and attacks can also be used to assist in developing improved and more efficient procedures and technical defenses. Managers will find the text useful in improving the overall risk management strategies for their organizations.

  • Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks
  • Dives deeply into relevant technical and factual information from an insider's point of view
  • Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result

Product details

  • Format: Kindle Edition
  • File Size: 2485 KB
  • Print Length: 320 pages
  • Publisher: Syngress; 1 edition (13 July 2011)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B0054IAIZA
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not Enabled
  • Average Customer Review: 3.0 out of 5 stars  See all reviews (3 customer reviews)
  • Amazon Bestsellers Rank: #378,266 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?

More About the Authors

Discover books, learn about writers, and more.

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

3.0 out of 5 stars
3.0 out of 5 stars
Most Helpful Customer Reviews
2 of 2 people found the following review helpful
1.0 out of 5 stars Yet another book on cyber war 19 Jan 2013
The tagline of this book is "Techniques, tactics and Tools for Security Practitioners". This definitely doesn't accurately portray the content. It would appear that they just put words on the front that would entice people. It definitely isnt written for security practitioners. If you know nothing about computer security at all then this would be a reasonably good start toward an introduction to some of the core areas.

The book spends a fair bit of time on different government policy toward cyber attack and defence, without providing any real core facts. It doesn't cover the topic of as well as the similarly named Cyber War by Richard Clarke, which is cheaper and probably a more enjoyable read. Personally i found this as fun to read as a text book but without containing many facts, and definitely none that I will take away with me. I really feel that this book was just to cash in on the term "Cyber Warfare".
Comment | 
Was this review helpful to you?
1 of 1 people found the following review helpful
5.0 out of 5 stars An excellent overview. 18 July 2011
I found this book an excellent overview of the latest area of warfare. In an analytical, and still very readable, manner it takes us through the definition of cyber warfare, how it fits into military doctrine (mostly US, but also a bit on other countries) as well as how it is executed (both with logical and physical means). It also covers the legal and ethical views on this type of conflict.

This is not a handbook on the technical details of waging cyber warfare though. While it touches on tools and techniques it does not go into much details on them, which in my view is something good. There are a lot of other books covering the technical parts in much more detail, but very few which puts it all together with the strategic and legal aspects.

Buy this book if you want a concise overview of the field without getting bogged down into details. If you want those it provides you with a good starting point for your further readings.
Comment | 
Was this review helpful to you?
3.0 out of 5 stars A Doctrinal View of Cyber Warfare 30 July 2012
Format:Kindle Edition|Verified Purchase
Cyber Warfare is a well structured and easy to read introduction to the topic. The author has broken the subject into bite size chunks that he later pulls together to describe preparation and execution for cyber war. The book is more descriptive than analytical and there are some big leaps made from assertions to conclusions; he tends to speculate. Reading it on the kindle was convenient but if you are studying the subject a hard copy would make rapid cross-referencing easier.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on (beta) 3.8 out of 5 stars  13 reviews
20 of 22 people found the following review helpful
4.0 out of 5 stars Cyber Warfare: Techniques, Tactics and Tools for the Security Practitioners 18 July 2011
By Rick Howard - Published on
Format:Paperback|Verified Purchase
"Cyber Warfare: Techniques, Tactics and Tools for the Security Practitioners" is a consolidation of the current thinking around the topic of cyber warfare; not the way you hear about in the media where everything is a war of some kind (War on drugs, War on Terrorism, etc) but a discussion about what it means to conduct warfare via cyberspace. This is a tough topic because there are so many opinions about what Cyber Warfare is that you could literally spend an entire book just covering the definitions. The authors deftly avoid that trap and manage to provide a coherent line of thinking around Computer Network Operations even when these kinds of activities bump up against other cyber space dangers like Cyber Crime, Cyber Hactavism, Cyber Espionage and Cyber Terrorism. This is a primer; a one stop shop to get you up to speed on the topic if you are new to it or a refresher even if you have been enmeshed in it for years.
The authors, Steve Winterfield and Jason Andress, cover everything you will want to consider when thinking about how to use cyberspace to conduct warfare operations. The primary concepts have been bouncing around US military circles for over a decade but they have never been collected into one tome before. Clarke and Knake's book, "Cyber War: The Next Threat to National Security and What to Do about It," discusses how weak the US network defenses are and offers suggestions about how to improve. Carr's book, "Inside Cyber Warfare: Maping the Cyber Underworld," presents threat examples and nation state capabilities. Libicki's book, "Cyberdeterrence and Cybrewar," attacks cyberwar from a policy viewpoint and does not really address operational considerations. Stiennon's book, "Surviving Cyberwar," is a good place to start if you are new to the subject and is almost a prerequisite for this book.

Full Disclosure: One of the authors, Steve Winterfield, used to work for me when he and I were both in the US Army wrestling with all of these ideas right after 9/11. I ran the Army Computer Emergency Response Team (ACERT) and Steve ran the Army's Southern Regional CERT (RCERT South). He and I have been friends ever since and he even quoted me in one of the back chapters.

Although the content has been around for a while, it is striking how little the main concepts have changed. In a world where new innovations completely alter the popular culture every eighteen months, the idea that Cyber Warfare's operational principals remain static year after year is counter-intuitive. After reading through the various issues within though, you begin to understand the glacial pace. These difficult concepts spawn intractable problems and the authors do a good job of explaining them.

I do have a slight issue with the subtitle though: "Techniques, Tactics and Tools for the Security Practitioners." The way I read this book, the general purpose (GP) Security Practitioner will not find this book very useful except as background information. Aside from the chapters on Logical Weapons, Social Networking and Computer Network Defense, most of the material has to do with how a nation state, mostly the US, prepares to fight in cyber space. There is overlap for the GP security practitioner, but this material is covered in more detail in other books.

The book is illustrated. Some of the graphics are right out of military manuals and have that PowerPoint Ranger look about them. Some are screenshots of the various tools presented. Others are pictures of different equipment. One graphic stood out for me in the Cyberspace Challenges chapter (14). The graphic in question is a neat Venn Diagram that encapsulates all of the Cyber Warfare issues mentioned in the book, categorizes the complexity of each issue and shows where they overlap in terms of Policy, Processes, Organization, Tech, People and Skills. My only ding on the diagram is that in the same chapter, the authors discuss how much each issue might cost to overcome. It would have been very easy to represent that information on the Venn diagram and make it more complete.

One last observation about the graphics that I really liked is the author's use of "Tip" and "Note" boxes throughout the book. Scattered throughout the chapters are grayed-out text boxes that talk about some technology or procedure that is related to the chapter information but not directly. For example, in the Social Engineering chapter (7), the authors placed a "Note" describing the various Phishing forms. You do not need the information to understand the chapter but having it nearby provides the reader with a nice example to solidify the main arguments. The book is full of these examples.

The first three chapters are my favorites. Winterfield and Andress do a good job of wrapping their heads around entangled concepts like the definition of cyber warfare, the look of a cyber battle space and the current doctrine's ideas about cyber warfare from the perspective of various nations. It is fascinating.

In the middle of the book, the authors take on the task of describing the Computer Network Operations (CNO) Spectrum; a spectrum that ranges from the very passive form of Computer Network Defense (CND) through the more active forms of Computer Network Exploitation (CNE) and Computer Network Attack (CNA). It is indeed a spectrum too because the delineation between where CND, CNE and CNA start and stop is not always clean and precise. There is overlap. And somewhere along that same spectrum is where law enforcement organizations and counter-intelligence groups operate. You can get lost fairly quickly without a guide and the authors provide that function admirably. The only thing missing from these chapters is a nice diagram that encapsulates the concept.

Along the way the reader gets a nice primer on the legal issues surrounding Cyber Warfare, the ethics that apply, what it takes to be a cyber warrior and a small glimpse over the horizon about what the future of Cyber Warfare might bring. In the end, Winterfield and Andress get high marks for encapsulating this complex material into an easy-to-understand manual; a foundational document that most military cyber warriors should have at their fingertips and a book that should reside on the shelf of anybody interested in the topic.
11 of 12 people found the following review helpful
3.0 out of 5 stars Good coverage, but needs serious editing 6 Feb 2012
By Sean Butler - Published on
This book is possibly unique in its choice of scope, apparently targeted at operational-level military cyber warfare professionals (though also seemingly attempting to broaden its audience to mid-level private-sector information security professionals). Since this is basically the exact audience I was hoping to target as an instructor for a course in operational cyber war, I had high hopes for this book, hoping to replace an array of texts each covering a slice of the subject matter. It helped that the authors appeared to have solid credentials. All in all, I was somewhat disappointed with the book, mostly with the lack of polish, though it's probably still worthwhile if you're looking for a book with this particular scope.

"Cyber Warfare" addresses the nature of the various threats in cyberspace, covering various actors, motives, methods, vulnerabilities, and potential effects. It does a good job of staying at a fairly high level without over-simplifying to the point of gross inaccuracy, though it does fall victim to the temptation of sensationalizing once in awhile.

The book doesn't go too far into the weeds with specific tools, only offering a basic familiarization with the purpose and functionality of some of the more well-known (and sometimes outdated) examples. You occasionally get a sense of "hey, look at this cool gee-whiz tool" with some of their selections, but in general, it serves as a good survey of potential inclusions in a security toolkit.

Operations are structured along the lines of military doctrine, addressing Computer Network Attack, Defense, and Exploitation with their own chapters. Personnel and training, as well as legal and ethical issues are also discussed at some length-- these are all good topics for a professional military education course, and not necessarily obvious inclusions, so kudos to the authors for that. That said, the legal section could probably use a bit more development in the arena of international law, as that would be the primary concern of true cyber warfare.

I didn't feel like the book did a good job addressing theory, though one could argue that this wasn't its focus (after all, the subtitle is "Techniques, Tactics, and Tools", leaving out the other "T"). I was almost ready to give up on the book after the first two chapters (largely due to the glaring lack of polish discussed below), but fortunately it eventually settles into a more comfortable rhythm.

Now, I have a lot of nit picks with the book, but I don't want to give the impression that it's trash. I'd probably give it 3.5 stars if the rating system had that level of fidelity.

The most obvious flaw is that the writers don't do a very good job of projecting credibility given the terrible writing in many places in the book. While there are very few clear factual errors (e.g., "the latest, at the time of this writing, microSDXC cards topping out at 2 terabytes of storage", the assertion that most companies protect critical servers to the same level as workstations), they're generally minor, but the entire book is littered with assorted mechanical errors and poor wording. Using "that" in place of "than" happens frequently, along with many other random typos/autocorrects that simple spellcheck can't catch, like "effeteness" in place of "effectiveness", and "reverses [the network]" in place of what I assume is "observes [the network]" (regarding government network monitoring). Many of their illustrations and diagrams are also either poor quality or useless/unilluminating. All in all, the book seems to lack polish, and at least one of the co-authors could really use extensive help from a good editor-- shame on Syngress for that one, since techies aren't often expected to be great writers.

Another issue I have with the book is that the authors don't seem to have a very good feel for realistic and meaningful military effects in the cyber domain. Many of their attack techniques focus on simple denial of service that is of little real usefulness to a military audience at any level. They include several "cute" tricks like directing /dev/zero to a file in order to fill up a file system. While I suppose those sorts of tactics could conceivably be applied as a kind of field expedient in some unlikely scenario, they're not really worth mentioning to the audience targeted by the book. In general, when they get specific with attack techniques, they're often rather unsophisticated. They'd be better off sticking to a more high-level approach centered around effects.

Along with the "look what I can do" sense of many of their attack techniques, the fact that they decide it's worthwhile to include the word "noob" multiple times in the book (along with other terms of debatable relevance) and bother to discuss "l33tsp34k" also seems like a strained attempt to seem up-to-date with the cool kids. It doesn't help that they reference Die Hard 4 with an apparently straight face.

Some of their other topic coverage seems a bit naïve and shallow as well. For example, they perpetuate the notion that cyber-terrorism (in the sense of network-based attacks on critical infrastructure to induce fear and chaos by non-state actors) is a serious threat, when in actuality, physical attack is much more effective and practical for terrorist groups' ends and means, and there has been little evidence that they've been seriously pursuing a cyber avenue of attack (they presumably discovered just how much specialized knowledge they'd have to develop in order to mount a meaningful attack). These mitigating factors aren't mentioned in their discussion.

Granted, if they don't want the book to balloon to unmanageable lengths, they can't go into depth with every topic, given the scope of the work. But this makes the inclusion of many questionably-relevant topics that much more puzzling. For example, the book includes discussion of lockpicking (and counters), interrogation techniques, and other purely physical security concerns, which, while in a sense relevant to information security, seem out of place in this particular book, at least to the level of treatment they receive.

Again, with all that said, this book does have substantial utility. I may still recommend its use in our next course offering (albeit wincing at its amateurish presentation) due to its rather unique scope and focus. A lot of work clearly went into putting it together, and they hit pretty much every topic you'd like to see in a book aimed at this audience, addressing them reasonably effectively. I'm hoping there's a second edition (maybe from a different publisher) that smoothes out the rough edges in presentation and includes more discussion of the recent Stuxnet worm that clearly has major relevance in this field.
1 of 1 people found the following review helpful
3.0 out of 5 stars A good book on cyber warfare policy, but contains nothing on cyber warfare technology 15 Sep 2013
By Sean Moore - Published on
Format:Kindle Edition|Verified Purchase
This is a good book on cyber warfare policy. I must note, however, that I bought it because the descriptions and reviews led me to believe that it included material on cyber warfare technology. In fact, it does not. I am just making other technologists aware of this so they can make a more informed decision to buy it (or not). I liked the book, it just was not what I expected.
1 of 1 people found the following review helpful
5.0 out of 5 stars Know Your Foe 8 Jun 2013
By Dr Wayne - Published on
Format:Kindle Edition|Verified Purchase
One should always know the wiles of the enemy and this book is an interesting introduction to tricks, tactics, and angles of attack that are being used. This book is a good starting place for the serious defender.
1 of 1 people found the following review helpful
4.0 out of 5 stars Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners 24 Nov 2011
By CKV - Published on
Format:Paperback|Verified Purchase
The authors of this book clearly have insights into the actual risks to our information, the related government response and inspiration for actions to take on a personal basis. Read this book to join the conversation with an informed point of view.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category