Read Cybersecurity and Cyberwar Online
Authors: Peter W. Singer, Allan Friedman
People's Liberation Army (PLA):
The Chinese military.
phishing:
An attempt to fool the user into voluntarily supplying credentials, such as a password or bank account number, often by spoofed e-mails or fake web pages. “Spear phishing” attacks are customized to target specific individuals.
protocol:
A set of formats and rules that defines how communications can be exchanged.
pwn:
Hacker term meaning to “own,” or take control of, a rival's systems and networks.
ransomware:
A type of malware that restricts access to a target and demands payment to return regular service.
red-team:
To examine and/or simulate an attack on oneself, in order to identify and close vulnerabilities before an adversary can do so. Often performed by “white hat” hackers.
RickRolling:
The Internet meme of tricking someone into watching a horribly addictive music video by 1980s singer Rick Astley.
root access:
The ability to read and write to every file on a system. This ability is necessary for the administration of an operating system, but if adversaries get root access, they “pwn” the system.
Secure Internet Protocol Router Network (SIPRNet):
The US military's classified network, used to communicate secret information following the same basic protocols as the broader Internet.
social engineering:
The practice of manipulating people into revealing confidential information online.
SQL injection:
A common attack vector against web servers. The attacker attempts to trick a website into passing a “rogue” Structured Query Language (SQL) command to the database. If the database program can be compromised, the attacker may be able to gain access to other files or permissions on the server.
Structured Query Language (SQL):
A type of programming language used to manage data.
Stuxnet:
Created by US and Israeli intelligence agencies, a computer worm specifically designed to sabotage Iranian nuclear research facilities.
supervisory control and data acquisition (SCADA):
A type of industrial control system, particularly used to monitor and manage interconnected sensors and control large facilities.
test beds:
Extensible models and mockups used to simulate large IT systems, networks, and operational environments, on which attacks and defenses can be mimicked, replicated, and practiced.
Tor:
Short for “The Onion Router,” an overlay network that provides online protection against surveillance and traffic analysis. Originally developed with US government funding, now maintained and operated by an international group of volunteers and researchers.
Transport Control Protocol (TCP):
Paired with the Internet Protocol, one of the foundational protocols of the Internet. Developed by Vint Cerf and Bob Kahn in 1974, TCP manages expectations that each end of a networked communication link has of the other end.
Trojan:
A type of malware disguised or attached to legitimate or innocuous-seeming software, but that instead carries a malicious payload, most often opening a backdoor to unauthorized users. Named after a large wooden farm animal.
typosquatting:
The practice of registering web domains just one letter off from a popular website, and collecting advertisement revenue from the page visits by those with clumsy fingers.
Unit 61398:
Also known in cybersecurity circles as the “Comment Crew” or “Shanghai Group,” a key unit in the Chinese military tasked with gathering political, economic, and military-related intelligence on the United States through cyber means. In 2013, it was caught stealing employee passwords to break into the computer networks of the New York Times.
virus:
A malware program that can replicate itself and spread from computer to computer.
watering hole:
A type of attack that targets specific groups by compromising websites frequently visited by that community or occupation.
whitelisting:
A security practice that defines a set of acceptable software, e-mail senders, or other components, then bans everything else.
WikiLeaks:
An online organization formed in 2006 with the goal of “exposing corruption and abuse around the world.” It is also frequently used to refer to a series of scandals in 2010, when a trove of US diplomatic cables were released online.
worm:
A type of malware that spreads automatically over a network, installing and replicating itself. The network traffic from rapid replication and spread can cripple networks even when the malware does not have a malicious payload.
zero day:
An attack that exploits a previously unknown vulnerability; taken from the notion that the attack takes place on the zeroth day of awareness. Knowledge about zero-day exploits is valuable to both defenders and attackers.
zombie:
A computer that has been compromised by an outside party, for the purpose of exploiting its computational and network resources; frequently linked into a botnet.
9/11. See September 11
Acquisti, Alessandro, 31
Advanced Persistent Threat (APT), 55–60, 91, 141, 188–189
Advanced Research Projects Agency (ARPA). See DARPA
Advanced Research Projects Agency Network (ARPANET), 16, 18
Algeier, Scott, 224
Alperovitch, Dmitri, 91–92, 94–96, 146, 232
Assange, Julian, 51–54, 84, 195
Assente, Michael, 233
asymmetric cryptography. See cryptography
Automated Teller Machine (ATM), 32, 85, 244
Autonomous System (AS), 24–25
Baker, Stewart, 215
Bataller, Erik, 226
Bernard, Baruch. See Baruch Plan
Biden, Joe, 195
Big Data, 250
Bin Laden, Osama, 101–102, 105
Bitcoin. See digital currency
black market (digital), 73, 90, 98, 109, 158, 178. See also Silk Road
blue-team. See red-team
Botnets
Braithwaite, Bill, 231
Brammer, Robert, 240
Brookings Institution, 21–23, 57, 249–250
Brown, Brittany, 102
Bucci, Steven, 242
Byzantine Hades, 75
Cartwright, James, 156
cats, 10, 21, 38, 174, 193, 219, 252, 254
cell phone. See mobile device
Center for Disease Control (CDC), 173–175
Central Intelligence Agency (CIA), 35–36, 92–93, 192, 199, 207
Certificate Authority (CA), 48–49
Charney, Scott, 176
China
  domestic Internet use, 15, 54, 72, 107, 110, 252
  offensive cyber operations, 57, 59–60, 75–76, 78, 92–95, 112–114, 138–144, 226
  U.S.–China relations, 7, 60, 68–70, 74, 121, 180, 188–189, 192–193, 214–215
  (see also Great Firewall; Javaphile; People's Liberation Army (PLA); Unit 61398)
Clark, David, 30
Clausewitz, Carol Von, 126
Cold War, 67, 121–122, 147–149, 160–162, 173–174, 192, 238
Comment Crew. See Unit 61398
Computer Emergency Response Team (CERT), 188, 200
computer network operations (CNO), 126–127
computer science, 19, 65, 142, 239
Conficker, 72–73, 196–197, 244
Congress, 8, 12, 20, 68, 107, 138, 164, 198, 202, 209, 227
critical infrastructure
  definition of, 15
Croom, Charles, 155
Cult of the Dead Cow, 77
cult of the offensive, 153
cyber arms race, 4, 157, 160–163, 236
Cyber Command (CYBERCOM), 133–135
cyber theft, 26, 92, 95, 125, 146, 177, 189, 219–220
Defense Science Board, 144–145
Deibert, Ronald, 74–75, 164, 187
Dempsey, Martin, 249
Department of Defense
  and creation of the Internet, 13, 203
  and cybersecurity, 52–53, 133, 198, 225
  (see also Cyber Command (CYBERCOM))
Department of Homeland Security (DHS), 36–37, 133, 199–200, 220, 235–236
deterrence, 70, 136–137, 144–147, 155–156, 161
device driver, 116
digital currency, 207
digital native, 4
Distributed Denial of Service (DDoS)
  and attribution, 208
DNS Changer Virus, 169
Doctorow, Cory, 165
Domain Name System (DNS), 22
doxing
  definition of, 79
drone. See unmanned systems
Dungle, Lynn, 240
Dunlap, Charles, 124
Electronic Disturbance Theater, 78