Start reading Cyber War on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here.

Deliver to your Kindle or other device

 
 
 

Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Cyber War: The Next Threat to National Security and What to Do About It
 
See larger image
 

Cyber War: The Next Threat to National Security and What to Do About It [Kindle Edition]

Richard A. Clarke , Robert Knake

Print List Price: CDN$ 19.99
Kindle Price: CDN$ 11.99 includes free international wireless delivery via Amazon Whispernet
You Save: CDN$ 8.00 (40%)
Sold by: HarperCollins Publishers CA
This price was set by the publisher

Free Kindle Reading App Anybody can read Kindle books even without a Kindle device with the FREE Kindle app for smartphones, tablets, and computers.

To get the free app, enter your e-mail address or mobile phone number.

Formats

Amazon Price New from Used from
Kindle Edition --  
Hardcover CDN $20.05  
Paperback CDN $14.43  
MP3 CD, Audiobook, MP3 Audio, Unabridged CDN $19.52  
Hero Quick Promo
Boxing Day Kindle Deals
Load your library with over 30 popular fiction books and more, today only. Learn more

Customers Who Bought This Item Also Bought


Product Description

Review

“Chilling... [A] harrowing — and persuasive — picture of the cyberthreat the United States faces today.” (Michiko Kakutani, New York Times)

“Clarke and Knake are right to sound the alarm.” (Wall Street Journal)

“[CYBER WAR] may be the most important book about national-security policy in the last several years.” (Slate)

“In this chilling and eye-opening book, Clarke and Knake provide a highly detailed yet accessible look at how cyber warfare is being waged and the need to rethink our national security to face this new threat.” (Booklist)

“Will strengthen Clarke’s claims as one of the founding fathers of cybersecurocracy....It is worth buying this book if only for his pithy five-page vision of this coming apocalypse and a return to stone-age conditions within a week, all because of a few pesky hackers and viruses.” (Financial Times)

Product Description

Author of the #1 New York Times bestseller Against All Enemies, former presidential advisor and counter-terrorism expert Richard A. Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real.


Product Details

  • Format: Kindle Edition
  • File Size: 488 KB
  • Print Length: 312 pages
  • Page Numbers Source ISBN: 0061962236
  • Publisher: HarperCollins e-books; Reprint edition (April 20 2010)
  • Sold by: HarperCollins Publishers CA
  • Language: English
  • ASIN: B003F1WMAM
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not Enabled
  • Amazon Bestsellers Rank: #147,244 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?


Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.1 out of 5 stars  192 reviews
139 of 143 people found the following review helpful
5.0 out of 5 stars The best I've read on the topic April 21 2010
By Amazon Customer - Published on Amazon.com
Format:Hardcover|Vine Customer Review of Free Product
I've been in the information security field just about my entire professional life, both in and out of government, and I've been hearing people sound the alarms about "cyber warfare" for at least the last 15 years. Most of the time their grasp of the technical aspects is limited, they don't have a clear idea about what they're talking about, their scenarios read like movie plots, and they're usually trying to win government contracts. Although this book does have some serious shortcomings, Clarke's book is without a doubt the clearest and best work I've seen on cyber warfare. I'll lay out his book and his thesis first, then I'll tell you where I thought he fell short and what I thought of it.

Clarke first gives an overview of all the instances to date where cyber attacks have been used by state actors. In all cases but one (The Estonia attacks in 2007), the cyber attack was used to enhance a conventional attack. This is actually the best such overview I've seen, included some examples I hadn't heard of before, and Clarke's analysis is spot on. The only thing he didn't include was the very recent "operation aurora" (Google it if you want details), which probably occurred after he finished writing the book.

The book then has a detailed discussion of American policy on cyber warfare, and Clarke details all the developments to date. Since Clarke worked for presidents Clinton, Bush, and Obama on national security issues, this book provides a front row seat to the ins and outs of the way our policies have developed. Clarke also details what is known about the cyber war capabilities of other countries, including China, Russia, and North Korea.

Only then does Clarke begin to go into the technical aspects of cyber attacks, but the technical stuff is very high level (the back cover description explicitly says that this book goes "beyond the geek talk"). He really is just trying to show the potential damage that can be done with cyber attacks. (In other words, this is the part of the book where he tries to scare you).

Clarke then discusses what he views as the primary reasons there has not been significant action in the area of defending against concerted cyber attacks. It is, in my opinion, a very realistic and fair analysis which avoids finger pointing. He then starts to lay out what he feels are reasonable defenses that the US must begin to take.

In the last part of the book he lays out a clear agenda for defending against cyber attacks which includes a mix of regulation (he admits it's a dirty word but thinks it's necessary), more technical controls at major network boundaries, and an expanded scope for DHS to protect the civilian infrastructure too. He also discusses international arms control treaties, and appears to be a big fan of some international cyber war treaties, which, like nuclear arms control treaties from a generation ago, could be used to create "rules of the game" for international war.

As I said, in the beginning, this is without a doubt the best piece on cyber war I've ever read. He really does an excellent job of covering everything from the history to the players to the regulations to the endless possibilities. The one place where I feel he misses the boat is in some of the technical aspects. He admits to not being a technical person, and does make a few technical errors, although they're all far too minor to be worth mentioning. My real issue is that in all his scenarios he starts with the assumption that every combatant (like, say, the USA and China) have successfully hacked into every network that the other side controls, and left backdoors to get back in. Further, none of these back doors have been discovered and removed. As someone who does this for a living, I can assure you it's not that simple. While I have no doubt that a government spending considerable resources could certainly gain access to many networks in a relatively short period of time, and if they left backdoors some might not be discovered, if someone left too many backdoors some would certainly be discovered. Breaking in is not as simple as just pushing a button like it is in the movies - in fact, recent studies have shown that the average security breach is the result of four separate mistakes. While mistakes are made all the time (which means that breaches occur all the time _somewhere_), it's much harder to cause breaches in every system you target all at once. In several places, Clarke's dire warnings fall into the trap of imitating movies more than real life. I will admit that as a technical person this is my bias showing, and I realize that this book is still largely intended to be a policy one, which is why I still give it a very positive rating. I would simply be remiss if I let this pass unmentioned.
86 of 96 people found the following review helpful
5.0 out of 5 stars Easy to Read...... and Scary! April 15 2010
By Patrick Reeves - Published on Amazon.com
Format:Hardcover|Vine Customer Review of Free Product
Richard Clarke's credentials are well established, having been a national security advisor to presidents of both parties, his viewpoints are his own, not politically-driven ideology.

Clarke takes the time to go over the basics of the cyber-universe for those that are not especially net-savvy, and then gets into the meat of the what, who, where and how (the "when" is the big question of course) of potential cyber attacks against the US. He gives a bit of history on attacks that have already happened, and a few that have failed.

I say the information is a bit scary because, even with a degree in Computer Science, I did not know the extent to which the Internet connects and controls so many aspects of our daily lives; in business as well as in our personal lives. More and more machines and appliances are being built with the capability to "talk" to the manufacturers who make them, a legitimate and smart way to diagnose problems and download fixes.... but the idea that the new copy machine in my home office might be hacked, and ordered to malfunction to the point that it catches on fire, is unsettling to say the least.

This is a good book, a page turner, and delivers information every 21st Century American should know.
69 of 77 people found the following review helpful
3.0 out of 5 stars worth reading, but with a big grain of salt Aug. 6 2010
By Adam Thierer - Published on Amazon.com
Format:Hardcover|Verified Purchase
Clarke and Knake's book is important if for no other reason than, as they note, "there are few books on cyber war." Thus, their treatment of the issue will likely remain the most relevant text in the field for some time to come. They define cyber war as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption" and they argue that such actions are on the rise. And they also claim that the U.S. has the most to lose if and when a major cyber war breaks out, since we are now so utterly dependent upon digital technologies and networks.

At their best, Clarke and Knake walk the reader through the mechanics of cyber war, who some of the key players and countries are who could engage in it, and identify what the costs of such of war would entail. Other times, however, the book suffers from a somewhat hysterical tone, as the authors are out here not just to describe cyber war, but to also issue a clarion call for regulatory action to combat it. A bigger problem with the book is the complete lack of reference material, footnotes, or even an index. If you're going to go around sounding like a couple of cyber-Jeremiahs, you really should include some reference material to back up your gloomy assertions of impending doom.

The authors go after ISPs and many other comapnies for supposedly not caring about cyber-security. In reality, those companies have powerful incentives to make sure their networks are relatively safe and secure to avoid costly attacks and retain customers who demand their online information and activities be trouble-free. And most ISPs take steps not just to guard against malware and other types of cyber attacks, but they also offer customers free (or cheap) security software as part of a growing suite of gratis services (anti-virus, parental controls, e-mail, etc).

Clarke and Knake would like to see government impose a fairly sweeping set of new rules on ISPs to better secure their networks against potential attacks. In true deputize-the-middleman fashion, they want ISPs to engage in a great deal more network monitoring (using deep-packet inspection techniques) under threat of legal sanction if things go wrong. They admit there are corresponding costs and privacy concerns, but largely dismiss them and essentially ask us to just get over those concerns in the name of a safer and more secure cyberspace. They do, however, say they would be willing to have a "Privacy and Civil Liberties Board" appointed "to ensure that neither the ISPs nor the government was illegal spying on us." I doubt that will soothe the fears of those who (like me) are fundamentally suspicious of government snooping.

Overall, Clarke and Knake have written a book that is worth reading, but suffers from hyperbolic rhetoric and a serious lack of documentation. Readers should also seek out other perspectives on cyber-security issues, which take a more reasoned approach to the issue.
11 of 11 people found the following review helpful
4.0 out of 5 stars Overall a book worth reading, with some caveats Oct. 10 2010
By Richard Bejtlich - Published on Amazon.com
Format:Hardcover|Verified Purchase
The jacket for "Cyber War" (CW) says "This is the first book about the war of the future -- cyber war." That's not true, but I would blame the publisher for those words and not the authors. A look back to 1998 reveals books like James Adams' "The Next World War: Computers Are the Weapons & the Front Line Is Everywhere," a book whose title is probably cooler than its contents. (I read it back then but did not review it.) So what's the value of CW? I recommend reading the book if you'd like a Beltway insider's view of government and military information warfare history, combined with a few recommendations that could make a difference. CW is strongest when drawing on the authors' experience with arms control but weakest when trying to advocate technical "solutions."

Early in the book I liked the "modern history" of cyber war. I especially enjoyed comparisons with the US military's experiences creating Space Command. I lived through some of that period but was unaware how Space Command's history affected creation of Cyber Command. Later, the book is almost derailed by the over-the-top cyber-geddon described at the end of chapter 3. It's just not necessary to include several pages where everything fails simultaneously, and I bet it erodes the confidence some readers have in the story. I'd remove the doom-and-gloom in future editions because I think people can imagine disasters fairly easily. Push through to chapter 4 and the book is once again on a sensible path, at least with respect to policy and history. For example, I loved reading Microsoft's lobbying goals: don't regulate, keep the military as a customer, and don't critique China! These rang true for me.

Shortly thereafter we encounter the weakest part of CW: technical advice. These sections assume that inspecting and blocking traffic at the ISP level using "deep packet inspection" (DPI), especially "where fiber optic cables come up out of the ocean" (p 163), with signatures from malware companies, is a strategy to protect us from nation-states and other adversaries. I'd like to know how this silly idea is supposed to be any different from the defenses deployed on private networks. Even if .gov provided special "signatures" in "black boxes" at ISPs to "block attacks," sufficiently equipped and motivated adversaries would evade them. The authors admit this already happens on p 260. (On a final technical note: please replace the mathematically impossible IP addresses with something accurate, where each octet is less than 256!)

These weak technical defensive ideas erode one of the authors' main points: reliance on defense instead of offense to counter threats. This will not work because their defensive ideas will fail (and have already failed). They also promote a "declaratory posture" on pp 176-178, with which I agree because it warns adversaries how the US would react to cyber attacks. However, that echoes the concept that the best defense is a good offense, which the authors dislike. The authors also frown on ideas of deterrence, but they (like others) narrowly focus on deterrence via weapon systems (as was the case with nukes). Instead, deterrence in cyberspace should be (and already is) based on the *skill of operators* and their *reputation in battle*. For example, Israel is likely building itself a reputation in cyberspace; who cares about the specific weapons at play?

Finally, the authors discuss cyber war itself, with their definition on p 228 hinging on the word "purpose," meaning the adversary's intent determines whether war is happening or not. I can't believe someone would build policy based on adversary intent, because that can never be conclusively known and could be estimated to be whatever suits the victim's plans. I love General Minihan's quote on p 236 that "we are conducting warfare activities without thinking that it is war." The difference I see between the US and Chinese or Russians is that the Chinese and Russians know cyber war is already happening, but the US does not. The CW authors fall into this trap by talking about "economic warfare" (p 277) without realizing that undermining the US economy *is* the war. I liked the authors' recommendations to ban attacks on civilian infrastructure, along with "bilateral, private" discussions with adversaries; those are far more likely to help compared to DPI, encrypting the electrical grid (p 260), and a "Military Protocol" (p 274).

I bought and read CW, and I think you would enjoy it too.
34 of 43 people found the following review helpful
5.0 out of 5 stars A description of how national rivalries will be implemented in the future April 14 2010
By Charles Ashbacher - Published on Amazon.com
Format:Hardcover|Vine Customer Review of Free Product
I consider the term war to be extremely overused and that includes when it appears in the term "cyber war." I prefer the longer but more accurate term, "cyber component of national rivalries." War is an event between nations where the goal for each side is to kill as many citizens of the other side as quickly and efficiently as possible so that the other nation must accept their terms. In the cyber actions of one nation against another, most human casualties are consequential rather than a direct result of the action.
Few people can match the national security credentials of Richard Clarke and in this book he makes the case for national action to protect the U. S. infrastructure from substantial cyber attack carried out by another nation. Such attacks have already been executed; to date they have not made significant noise in the major news outlets, although most have appeared in the computing literature. Clarke uses the phrase kinetic weapons to refer to the "bombs and bullets" type of warfare, so he distinguishes between cyber attacks and real attacks.
Clarke also mentions several war games that have been carried out and the results are alarming, a great deal of the infrastructure of the United States is vulnerable to a concerted cyber attack if the malicious software entities have been properly placed and timely executed. Of course, he also admits that the United States is also capable of launching cyber attacks of its own.
The most interesting points in the book are when Clarke talks about nuclear weapons and how policies evolved and agreements were reached between the United States and the Soviet Union over how the weapons would be declared and their use specified. There is no question that these agreements helped keep the world safe and worked to defuse several potential crises that could have led to the threat of nuclear weapons being used. Clarke proposes similar guidelines of allowed and disallowed behaviors in the cyber component of national rivalries. Acts such as industrial espionage, spying and other data thefts would be considered acceptable but the destruction of financial data and power plants would be disallowed and considered the equivalent of an attack by kinetic weapons. Certain trial runs that only cause limited damage would result in harsh diplomatic rhetoric but not be considered the equivalent of a kinetic attack.
There is no question that in the modern world, low-level cyber attacks of one nation against another take place on a regular basis. Up to this point, even the most significant have been more in the category of significant annoyance rather than a crisis. However, the potential of a major attack is real and potentially devastating, so it is necessary for the United States to develop an effective strategy of defense and deterrence. Clarke sets down some sound principles for such a strategy while pointing out many of the current vulnerabilities. He does an excellent job in describing the new form of the execution of national rivalries and perhaps even how the next major kinetic war will begin.

Personal note: I have taught computer science at the collegiate level for over twenty years, including courses in encryption and computer security. I have also attended many conferences where at least one of the topics was computer security.

Look for similar items by category