Book Review: Cyberwar: The Next Threat to National Security & What to Do About It

Book Review: Cyberwar: The Next Threat to National Security & What to Do About It; by Richard A.
Clarke, Robert Knacke, ISBN 0061962236, 304 pgs, Apr 2010

In the book “Cyberwar: The Next Threat to National Security & What to Do About It”
the author Robert Clarke claims that the United States is vulnerable to a nation level cyber attack
due to dependencies on cyber and a emphasis on offensive cyber operations rather than defensive
operations. The book also lies out a way ahead on how to mitigate the threat of cyber attacks
with fixes in three basic areas that he referred to as the ‘Defensive Triad’. 1) monitoring traffic
at the ISP’s as a early detection of a nation level attack 2) securing the government/DoD
networks and 3) secure the US Power Grid. Clarke further outlines a path that the US should
lead for controlling cyber warfare. 1) building a broad understanding of the threat of cyber war
2) Developing the Defensive Triad discussed above 3) Developing a effective international
process for combating Cyber Crime (to include attribution) 4) Reducing Cyber Arms (similar to
Nuclear Arms reduction) 5) R&D for more secure networks 6) President decision on Computer
Network Attack (CNA)
The audience that Mr. Clarke is reaching is fairly broad in my opinion. From the
government official to the network administrator responsible for a private company or
organization this book has something of interest for most people involved with securing,
penetrating or testing networks. Personally, being a government employee and involved in
network admistration and Information Assurance I felt the author did a good job at staying at a
high enough level to reach the non-technical audience and including enough interesting
information to satisfy the technical audience.
Looking at Clarke’s Defensive Triad I have to completely agree on this first strategic
point. The ISP backbone is like the rail system was for World War I Germany, a high speed
means to reach out and attack any neighbor with overwhelming force and numbers. If we don’t
have a way to see attacks mounting then we are at serious risk to attack. Government legislation
have to find a way to force ISP’s to provide additional protection to the backbone, if that is
offsetting the cost with taxpayer funds or the customer absorbing the additional cost through
increased rates. Second strategy, securing the DoD networks, this is a product of how networks
have been built and managed in my opinion. Until recently, DoD installations managed their
networks on a site-by-site basis and this has lead to a lack of standardization in BBP’s and
security. Now with the initiative on cloud computing, I believe this will change, more
standardization and security will be implemented in DoD networks. Third point, the power grid
is the lynchpin of a cyber war, if you shut down the power, then the enemy shuts down its
servers and therefore its weapon systems. Power Grid is the lynchpin for a cyber war.
I recommend this book. It is a open and discussion of Clarke’s six paths between
international government leaders and commercial business leaders would definitely help in
developing a plan to deter a global cyber war. The Defensive Triad is a simple yet achievable
strategy for posturing the US for success in a cyber war.


Blog Purpose

Hello, the primary purpose for my blog is to have a location on the internet where i can post IT book reviews, article reviews and other IT related material with the world wide webs.  I’ll be posting projects and tinkering as well.