Cloud Security
Published in

Cloud Security

Cybersecurity Book Review: Dark Territory

The evolution of offensive and defensive cybersecurity in the US government

I’ve been so busy that I’ve had little time for books lately, but on my road trip across the country a while back I re-listened to a book called Dark Territory by Fred Kaplan. He is the author of War Stories for Slate.

It seems appropriate to get this review out amidst concerns about ransomware impacting the Colonial Pipeline that is causing gas prices to rise in the United States. The price at my local gas station is up 15 cents per gallon. I reviewed another book, Sandworm, that delves into what can go wrong when attackers take down critical infrastructure in a country and this is a glimpse into that potential reality if we fail to appropriately secure systems. But before anyone gets too frantic, I also wanted to let you know the pipeline put out a statement that it will be operational again by Friday.

Dark Territory covers the history of Ronald Regan watching War Games and asking his staff if something like that could really happen. Find out how films influenced cybersecurity policy throughout history. These stories got me to go out and finally watch the movie Sneakers, but it’s pretty cheesy, to be honest. I hope someone will come up with a more true-to-life and impactful hacker movie soon. It seems like a good time for such a production.

Learn how the military leveraged cybersecurity in the Iraq war by attacking switches and infiltrating command and control systems of foreign countries to stop military airstrikes. The “Surge” and “Shock and Awe” were not all about tanks and guns. Cyber operations had a major influence on the successful parts of the operation. It amazes me that a general in charge of troops did not understand that obtaining communications would be more valuable than destroying them. You will learn about similar pushback on cyber operations from high-ranking Air Force military personnel later in the book.

Lack of understanding of cybersecurity risks puts us all in danger. The next wars will be won and lost with cybersecurity — and by using the computers that were developed through the ingenuity and innovation in the United States. That is one of the reasons I wrote a book on cybersecurity for executives. The cybersecurity of our systems is not just about money. It is a matter of national security and our way of life.

Dark Territory takes the reader through the evolution of red teams that attacked systems to show their weaknesses and how successful they were. The NSA, the Air Force, and many other US military organizations employ red teams to test systems to show their weaknesses. The red teams simulate attacks and show whether or not they can be successful. These tests had some of the greatest influence on helping military officers understand how vulnerable the systems were and the impact they could have on operations during a war. This same concept is used when you hire someone to perform a penetration test.

Find out how a secure network and monitoring system developed by the Air Force proved to be more effective than anything else in stopping attacks. Find out how systems and defenses evolved over time. This book covers some of the same history covered in the last book I reviewed, Cyber Spies, but from the American point of view and with more insight into US players, policies, and decisions makers — and the roadblocks.

Learn how Mudge, the famous hacker in my book review on Cult of the Dead Cow, called out American businessmen trying to tell President Clinton about the “highly sophisticated attacks,” explaining that these were simple attacks that were easy to mitigate. The businesses were simply not taking cybersecurity seriously. Over and over again you will learn how the government makes inquiries into cybersecurity practices at major corporations that push back against legislation and usually prevail.

Another interesting take-away from this book is how little many top decision-makers in the US Government up to Presidents understand the importance of or even basic cybersecurity. Some took it more seriously than others. I often wonder why we are not asking cybersecurity questions in the presidential debates. That needs to be a top skill of anyone leading the country going forward. I’m not sure how well the general population understands this fact. Perhaps we need basic cybersecurity training in schools, and some have already started doing that. I posted some articles about it in my weekly Saturday post on cybersecurity news a couple of weeks ago.

If you are interested in cybersecurity history and how we got to where we are now in the United States with attackers deploying ransomware on gas pipeline systems and raising gas prices, this is a great book to read. I highly recommend it. If you want to get a bit more technical and understand the “how” and “what to do about it” from an executive point of view, read my book, Cybersecurity for Executives in the Age of Cloud.

Teri Radichel

If you liked this story please clap and follow:

Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research

© 2nd Sight Lab 2021

____________________________________________

Want to learn more about Cybersecurity and Cloud Security? Check out: Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

What’s going on in cybersecurity? Check out our Cybersecurity News blog each Saturday for the weekly tl;dr for those who are short on time and want some insight.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Teri Radichel

Teri Radichel

1.1K Followers

Cloud Security Training and Penetration Testing | GSE, GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN | AWS Hero | Infragard | IANS Faculty | 2ndSightLab.com