We've seen North Korea's retaliatory hack of Sony Pictures, China's large-scale industrial espionage against American companies, Russia's 2016 propaganda campaign, and quite a lot more. The cyber war is upon us.As the former Assistant Attorney General and Chief of Staff to FBI Director Robert Mueller, John Carlin has spent 15 years on the frontlines of America's ongoing cyber war with its enemies. In this dramatic book, he tells the story of his years-long secret battle to keep America safe, and warns us of the perils that await us as we embrace the latest digital novelties -- smart appliances, artificial intelligence, self-driving cars -- with little regard for how our enemies might compromise them. The potential targets for our enemies are multiplying: our electrical grid, our companies, our information sources, our satellites. As each sector of the economy goes digital, a new vulnerability is exposed.The Internet of Broken Things makes the urgent case that we need to start innovating more responsibly. As a fleet of web-connected cars and pacemakers rolls off the assembly lines, the potential for danger is overwhelming. We must see and correct these flaws before our enemies exploit them.

    The general said it was. This set in motion the first presidential directive on computer security.The first use of cyber techniques in battle occurred in George H.W. Bush's Kuwait invasion in 1991 to disable Saddam's military communications. One year later, the NSA Director watched Sneakers, in which one of the characters says wars will soon be decided not by bullets or bombs but by information. The NSA and the Pentagon have been rowing over control of cyber weapons ever since.From the 1994 (aborted) US invasion of Haiti, when the plan was to neutralize Haitian air-defenses by making all the telephones in Haiti busy at the same time, to Obama's Defense Department 2015 report on cyber policy that spells out the lead role played by our offensive operation, Fred Kaplan tells the story of the NSA and the Pentagon as they explore, exploit, fight, and defend the US. Dark Territory reveals all the details, including the 1998 incident when someone hacked into major US military commands and it wasn't Iraq, but two teenagers from California; how Israeli jets bomb a nuclear reactor in Syria in 2007 by hacking into Syrian air-defense radar system; the time in 2014 when North Korea hacks Sony's networks to pressure the studio to cancel a major Hollywood blockbuster; and many more. Dark Territory is the most urgent and controversial topic in national defense policy.

    But what is it physically? And where is it really? Our mental map of the network is as blank as the map of the ocean that Columbus carried on his first Atlantic voyage. The Internet, its material nuts and bolts, is an unexplored territory. Until now.In Tubes, journalist Andrew Blum goes inside the Internet's physical infrastructure and flips on the lights, revealing an utterly fresh look at the online world we think we know. It is a shockingly tactile realm of unmarked compounds, populated by a special caste of engineer who pieces together our networks by hand; where glass fibers pulse with light and creaky telegraph buildings, tortuously rewired, become communication hubs once again. From the room in Los Angeles where the Internet first flickered to life to the caverns beneath Manhattan where new fiber-optic cable is buried; from the coast of Portugal, where a ten-thousand-mile undersea cable just two thumbs wide connects Europe and Africa, to the wilds of the Pacific Northwest, where Google, Microsoft, and Facebook have built monumental data centers—Blum chronicles the dramatic story of the Internet's development, explains how it all works, and takes the first-ever in-depth look inside its hidden monuments.This is a book about real places on the map: their sounds and smells, their storied pasts, their physical details, and the people who live there. For all the talk of the "placelessness" of our digital age, the Internet is as fixed in real, physical spaces as the railroad or telephone. You can map it and touch it, and you can visit it. Is the Internet in fact "a series of tubes" as Ted Stevens, the late senator from Alaska, once famously described it? How can we know the Internet's possibilities if we don't know its parts?Like Tracy Kidder's classic The Soul of a New Machine or Tom Vanderbilt's recent bestseller Traffic, Tubes combines on-the-ground reporting and lucid explanation into an engaging, mind-bending narrative to help us understand the physical world that underlies our digital lives.

    Tens of millions of people over several states are affected. For those without access to a generator, there is no running water, no sewage, no refrigeration or light. Food and medical supplies are dwindling. Devices we rely on have gone dark. Banks no longer function, looting is widespread, and law and order are being tested as never before.  It isn’t just a scenario. A well-designed attack on just one of the nation’s three electric power grids could cripple much of our infrastructure—and in the age of cyberwarfare, a laptop has become the only necessary weapon. Several nations hostile to the United States could launch such an assault at any time. In fact, as a former chief scientist of the NSA reveals, China and Russia have already penetrated the grid. And a cybersecurity advisor to President Obama believes that independent actors—from “hacktivists” to terrorists—have the capability as well. “It’s not a question of if,” says Centcom Commander General Lloyd Austin, “it’s a question of when.”  And yet, as Koppel makes clear, the federal government, while well prepared for natural disasters, has no plan for the aftermath of an attack on the power grid.  The current Secretary of Homeland Security suggests keeping a battery-powered radio.In the absence of a government plan, some individuals and communities have taken matters into their own hands. Among the nation’s estimated three million “preppers,” we meet one whose doomsday retreat includes a newly excavated three-acre lake, stocked with fish, and a Wyoming homesteader so self-sufficient that he crafted the thousands of adobe bricks in his house by hand. We also see the unrivaled disaster preparedness of the Mormon church, with its enormous storehouses, high-tech dairies, orchards, and proprietary trucking company – the fruits of a long tradition of anticipating the worst. But how, Koppel asks, will ordinary civilians survive?With urgency and authority, one of our most renowned journalists examines a threat unique to our time and evaluates potential ways to prepare for a catastrophe that is all but inevitable.

    Starting with Alexander Graham Bell's revolutionary "harmonic telegraph," by the middle of the twentieth century the phone system had grown into something extraordinary, a web of cutting-edge switching machines and human operators that linked together millions of people like never before. But the network had a billion-dollar flaw, and once people discovered it, things would never be the same.Exploding the Phone tells this story in full for the first time. It traces the birth of long-distance communication and the telephone, the rise of AT&T's monopoly, the creation of the sophisticated machines that made it all work, and the discovery of Ma Bell's Achilles' heel. Phil Lapsley expertly weaves together the clandestine underground of "phone phreaks" who turned the network into their electronic playground, the mobsters who exploited its flaws to avoid the feds, the explosion of telephone hacking in the counterculture, and the war between the phreaks, the phone company, and the FBI.The product of extensive original research, Exploding the Phone is a ground-breaking, captivating book.

    Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization's unique requirements. You'll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management. Security Metrics successfully bridges management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith's extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You'll learn how to: - Replace nonstop crisis response with a systematic approach to security improvement - Understand the differences between "good" and "bad" metrics - Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk - Quantify the effectiveness of security acquisition, implementation, and other program activities - Organize, aggregate, and analyze your data to bring out key insights - Use visualization to understand and communicate security issues more clearly - Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources - Implement balanced scorecards that present compact, holistic views of organizational security effectiveness Whether you're an engineer or consultant responsible for security and reporting to management-or an executive who needs better information for decision-making-Security Metrics is the resource you have been searching for. Andrew Jaquith, program manager for Yankee Group's Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist. Foreword Preface Acknowledgments About the Author Chapter 1 Introduction: Escaping the Hamster Wheel of Pain Chapter 2 Defining Security Metrics Chapter 3 Diagnosing Problems and Measuring Technical Security Chapter 4 Measuring Program Effectiveness Chapter 5 Analysis Techniques Chapter 6 Visualization Chapter 7 Automating Metrics Calculations Chapter 8 Designing Security Scorecards Index

    We depend on it for everything we do. We have reengineered our business, governance, and social relations around a planetary network unlike any before it. But there are dangers looming, and malign forces are threatening to transform this extraordinary domain.In Black Code, Ronald J. Deibert, a leading expert on digital technology, security, and human rights, lifts the lid on cyberspace and shows what’s at stake for Internet users and citizens. As cyberspace develops in unprecedented ways, powerful agents are scrambling for control. Predatory cyber criminal gangs such as Koobface have made social media their stalking ground. The discovery of Stuxnet, a computer worm reportedly developed by Israel and the United States and aimed at Iran’s nuclear facilities, showed that state cyberwar is now a very real possibility. Governments and corporations are in collusion and are setting the rules of the road behind closed doors.This is not the way it was supposed to be. The Internet’s original promise of a global commons of shared knowledge and communications is now under threat. Drawing on the first-hand experiences of one of the most important protagonists in the battle — the Citizen Lab and its global network of frontline researchers, who have spent more than a decade cracking cyber espionage rings and uncovering attacks on citizens and NGOs worldwide — Black Code takes readers on a fascinating journey into the battle for cyberspace. Thought-provoking, compelling, and sometimes frightening, it is a wakeup call to citizens who have come to take the Internet for granted. Cyberspace is ours, it is what we make of it, Deibert argues, and we need to act now before it slips through our grasp.

    Telecommunications, commercial and financial systems, government operations, food production - virtually every aspect of global civilization now depends on interconnected cyber systems to operate; systems that have helped advance medicine, streamline everyday commerce, and so much more. Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare is your guide to understanding the intricate nature of this pressing subject. Delivered by cybersecurity expert and professor Paul Rosenzweig, these 18 engaging lectures will open your eyes to the structure of the Internet, the unique dangers it breeds, and the ways we’re learning how to understand, manage, and reduce these dangers.In addition, Professor Rosenzweig offers sensible tips on how best to protect yourself, your network, or your business from attack or data loss.Disclaimer: The views expressed in this course are those of the professor and do not necessarily reflect the position or policy of the U.S. Department of Homeland Security, the U.S. Department of Defense, or the U.S. government. Disclaimer: Please note that this recording may include references to supplemental texts or print references that are not essential to the program and not supplied with your purchase.©2013 The Teaching Company, LLC (P)2013 The Great Courses

    Now Bamford describes the transformation of the NSA since 9/11, as the agency increasingly turns its high-tech ears on the American public.The Shadow Factory reconstructs how the NSA missed a chance to thwart the 9/11 hijackers and details how this mistake has led to a heightening of domestic surveillance. In disturbing detail, Bamford describes exactly how every American’s data is being mined and what is being done with it. Any reader who thinks America’s liberties are being protected by Congress will be shocked and appalled at what is revealed here.From the Trade Paperback edition.

    In 2011, a twenty-six-year-old libertarian programmer named Ross Ulbricht launched the ultimate free market: the Silk Road, a clandestine Web site hosted on the Dark Web where anyone could trade anything—drugs, hacking software, forged passports, counterfeit cash, poisons—free of the government’s watchful eye. It wasn’t long before the media got wind of the new Web site where anyone—not just teenagers and weed dealers but terrorists and black hat hackers—could buy and sell contraband detection-free. Spurred by a public outcry, the federal government launched an epic two-year manhunt for the site’s elusive proprietor, with no leads, no witnesses, and no clear jurisdiction. All the investigators knew was that whoever was running the site called himself the Dread Pirate Roberts. The Silk Road quickly ballooned into $1.2 billion enterprise, and Ross embraced his new role as kingpin. He enlisted a loyal crew of allies in high and low places, all as addicted to the danger and thrill of running an illegal marketplace as their customers were to the heroin they sold. Through his network he got wind of the target on his back and took drastic steps to protect himself—including ordering a hit on a former employee. As Ross made plans to disappear forever, the Feds raced against the clock to catch a man they weren’t sure even existed, searching for a needle in the haystack of the global Internet.Drawing on exclusive access to key players and two billion digital words and images Ross left behind, Vanity Fair correspondent and New York Times bestselling author Nick Bilton offers a tale filled with twists and turns, lucky breaks and unbelievable close calls. It’s a story of the boy next door’s ambition gone criminal, spurred on by the clash between the new world of libertarian-leaning, anonymous, decentralized Web advocates and the old world of government control, order, and the rule of law. Filled with unforgettable characters and capped by an astonishing climax, American Kingpin might be dismissed as too outrageous for fiction. But it’s all too real.

    Today, our entire modern way of life, from communication to commerce to conflict, fundamentally depends on the Internet. And the cybersecurity issues that result challenge literally everyone: politicians wrestling with everything from cybercrime to online freedom; generals protecting the nation from new forms of attack, while planning new cyberwars; business executives defending firms from once unimaginable threats, and looking to make money off of them; lawyers and ethicists building new frameworks for right and wrong. Most of all, cybersecurity issues affect us as individuals. We face new questions in everything from our rights and responsibilities as citizens of both the online and real world to simply how to protect ourselves and our families from a new type of danger. And yet, there is perhaps no issue that has grown so important, so quickly, and that touches so many, that remains so poorly understood.In Cybersecurity and CyberWar: What Everyone Needs to Know�, New York Times best-selling author P. W. Singer and noted cyber expert Allan Friedman team up to provide the kind of easy-to-read, yet deeply informative resource book that has been missing on this crucial issue of 21st century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters, and what can we do? Along the way, they take readers on a tour of the important (and entertaining) issues and characters of cybersecurity, from the "Anonymous" hacker group and the Stuxnet computer virus to the new cyber units of the Chinese and U.S. militaries. Cybersecurity and CyberWar: What Everyone Needs to Know� is the definitive account on the subject for us all, which comes not a moment too soon.What Everyone Needs to Know� is a registered trademark of Oxford University Press.

    From Mary, Queen of Scots, trapped by her own code, to the Navajo Code Talkers who helped the Allies win World War II, to the incredible (and incredibly simple) logisitical breakthrough that made Internet commerce secure, The Code Book tells the story of the most powerful intellectual weapon ever known: secrecy.Throughout the text are clear technical and mathematical explanations, and portraits of the remarkable personalities who wrote and broke the world’s most difficult codes. Accessible, compelling, and remarkably far-reaching, this book will forever alter your view of history and what drives it. It will also make you wonder how private that e-mail you just sent really is.

    Soon, the identity of one of the suspects was revealed: he was a Russian spy. This huge investigative coup wasn't pulled off by an intelligence agency or a traditional news outlet. Instead, the scoop came from Bellingcat, the open-source investigative team that is redefining the way we think about news, politics, and the digital future.We Are Bellingcat tells the inspiring story of how a college dropout pioneered a new category of reporting and galvanized citizen journalists-working together from their computer screens around the globe-to crack major cases, at a time when fact-based journalism is under assault from authoritarian forces. Founder Eliot Higgins introduces readers to the tools Bellingcat investigators use, tools available to anyone, from software that helps you pinpoint the location of an image, to an app that can nail down the time that photo was taken. This book digs deep into some of Bellingcat's most important investigations-the downing of flight MH17 over Ukraine, Assad's use of chemical weapons in Syria, the identities of alt-right protestors in Charlottesville-with the drama and gripping detail of a spy novel.

    This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

    In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security.Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely.Discover the shortcomings of cybersecurity's best practices Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing--as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.