BKCWRCTR.RVW 20080508 "Cyber Warfare and Cyber Terrorism", Lech J. Jacczewski/Andrew M. Colarik, 2008, 978-159140991-5, U$165.00 %E Lech J. Jacczewski %E Andrew M. Colarik %C Suite 200 701 E. Chocolate Ave., Hershey, PA 17033-1117 %D 2008 %G 978-159140991-5 159140991-8 %I IRM Press/Idea Group/IGI Global %O 800-345-432 717-533-8845 fax: 717-533-8661 www.igi-global.com %O http://www.amazon.com/exec/obidos/ASIN/1591409918/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1591409918/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1591409918/robsladesin03-20 %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation) %P 532 p. %T "Cyber Warfare and Cyber Terrorism" This is a collection of fifty-four papers, most of them very short. The preface is quite generic, and talks much more about cybercrime than information warfare or cyberterrorism. The introduction does define the terms in relation to politics and war, but still only describes crime and general attacks. (This is in spite of the fact that the material does provide a distinct definition of cybercrime.) The introduction finishes off with a terse catalogue of information security threats. Section one consists of nine papers, supposedly on terms, definitions, and concepts. In reality, most of the content deals with cybercrime and related topics. One essay, rather ironically, asserts that we should be studying what the cyberterrorists are actually doing, but it, like some of the other manuscripts, only retails speculation. There are, indeed, some howling errors in the text that do not prompt confidence in the rest of the assertions: Nimda is said to date from 1990 and to have spread in only twenty-two minutes, and the "AF/91 virus" joke is mentioned but the author obviously doesn't know the origin. (In a later section, one article provides extremely old information on cryptography export regulations, and links them solely to the PGP program.) There is, of course, the by-now-mandatory mention of steganography, although it isn't too annoying, mostly because it doesn't say much. Part two purports to be about "dynamic" aspects of cyberwar and cyberterror, but it's hard to find a common thread in the twelve essays. Two are decent (but simple) articles on counterdeception and ethics. One is a risible attempt to create a technical analysis of trojan horse programs, and since trojans are defined solely by the use of social engineering it becomes little more than a laundry list of possible characteristics. Human aspects are handled in part three, again more in regard to general security than terrorism. There is one reasonable paper on social engineering. Part four turns to technical aspects, supposedly of protection, although the technologies are few and the analysis (and safeguards) limited. Access control (and, again, note that this is generic infosec material) is reviewed in part five. Some of the points raised are quite interesting, but they are isolated and spotty. Although entitled "Business Continuity," part six is a collection of poorly-researched pieces on no consistent topic. The papers in part seven do, at least, stick to the topic of international perspectives on information warfare. Most of the information in this volume can be found, in greater range and depth, in any book on computer security. Almost none of the content is directly relevant to the title. copyright Robert M. Slade, 2008 BKCWRCTR.RVW 20080508