The Art of Cyberwarfare [Review]
In recent years cyberattacks have evolved from being the preserve of individual hackers to something much more serious, carried out by organized criminals and even nation states with the aim of espionage and financial gain.
This makes the process of investigating and defending against attacks more important than ever, but the sophistication of the methods used doesn't make the process any easier. This new book from security strategist Jon DiMaggio offers an investigator's guide to understanding the latest generation of threats.
Aimed at helping security analysts interpret and learn from the latest generation of attacks, the first half of this book looks at a number of well-known attacks, how they were carried out and the motivation behind them. These cover financial attacks, ransomware, election interference attempts and more. There's particular emphasis on the tactics used by nation-state actors, including China and North Korea, along with the wider geopolitical context in which these attacks have been carried out.
In the second half the author focuses on the techniques used for investigating threats. This includes things like interpreting email headers, domain analysis, and making use of widely available open source tools as part of the discovery process. At the end of this there's a handy set of questions designed to help investigators build up a threat profile that will allow researchers to more quickly identify similar attacks in future.
Despite being quite technical in parts, all of this is presented in an accessible and easy-to-read format. This book deserves to find a place on the shelf of everyone whose role involves protecting networks.