The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime

This is a book for the systems engineers, analysts, CEOs, managers, as well as the general public. Rare to reach out to so many. The book is a cross between an IBM presentation for its technical staff and a Tom Clancy novel!As a reader, my background is in systems programming. I found the information; and background of what occurred to be fascinating! Mr. DiMaggio has an excellent gift to tell a story on an otherwise dry, but vital topic that has often times made me question my carrer choices with each new malware book that I have previously read. With the materials, data and other evidence presented, the author provides the average non technical person as well as the techies, the story and roadmap of how things are detected, and how bad guys are brought down.Since the Colonial Pipeline attack last year, many from all walks of life have wanted to know and understand more about what is going on. The front page New YorkTimes article on this brought this to the attention of Americans across the entire country, not just those affected on the east coast. This book is the one to read for all regardless of background.Malware exploits by nation state attackers, as well as the infamous malware cartel, are presented to readers of all experiences in a manner that all can understand, regardless of background making it a book of distinction.The book stands out not only on this, but on the excellent ability of Mr. DiMaggio to tell a story that holds the interest for those not in this field who want to know more. I have read the standard fare of malware books primarily on the technical level but found them dry and lacking in the presentation of the story behind the exploits. Not so with this book! It is a cross between an IBM presentation for its technical staff and a Tom Clancy novel which makes it a gift from the others I have persevered through!The diagrams are very clear and informative with once again, the added element of art applied to them which also makes the data presented here very clear. Some colour in the diagrams would have been better, but that may be the publisher and not the author. It seems many of the No Starch Press publications I have read lack colour content.Also the data the author uses comes from publicly available sources, that is readily available to actually see for attribution. With some books I have had to pay if I wanted to see the data they used, nice change here on that!I have recommended this book to others in business organizations and especially in the crypto-technology world, including those who have a high level idea of what is going on and would like to have something presented as a roadmap to how these cartels and nation state attackers work and are brought down. Excellent book for blockchain managers and developers.I would have liked to have heard more details about Mr. DiMaggio’s work with the feds/law enforcement. Maybe that will be a topic for a second book.

Excellent read. Very enlightening. First half is history and current state of The Art of Cyberwarfare. Meanwhile, the second half walks the reader through an intriguing case study. This is a must read for EVERYONE today. Good luck out there. Take care. 73!

Cyberwarfare is a complex topic to define. It's a relatively new concept, and there are many ways to refer to it. Cyberwar, cyber war, cyber warfare, cyberwarfare, and more. Irrespective of how one wants to spell or define it, the reality is that it is upon us. And it behooves every organization and nation to have a plan to deal with it. If not, the only alternative is that they will be a victim.In The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime (NoStarch Press), author Jon DiMaggio has written an interesting book that provides an overview of the new world order of cyberwarfare.One of the earliest viruses was Yankee Doodle in 1989, which was limited to playing the song Yankee Doodle daily at 5:00 PM. Thirty-three years later, the scene is radically different. Countries such as North Korea, China, and others use cyberwarfare technologies to launch attacks against their enemy's technology systems, steal massive amounts of money from these enemies, and more.The first half of the book details the overall issue and many examples of nation-state attacks and state-sponsored financial attacks. In many organizations, management is still in denial and thinks that no nation-state would be interested in attacking them. The first four chapters provide plenty of fodder for the security management to present to senior management and the board to help them understand the scope of these massive security issues.The book spends time detailing the threat from North Korea. While North Korea, more correctly the Democratic People's Republic of Korea (DPRK), may find most of its 26 million citizens living in poverty, hunger, and without electricity, the country is a significant digital threat to the west.DiMaggio writes that the DPRK is a patient attacker that spends considerable amounts of time within the target's environment before executing the financial theft phase of the attack.In some cases, DPRK attackers spent several months observing and learning their target systems and how they connect and interact with other banking resources. Firms that don't have appropriate defenses against attackers like the DPRK may find themselves on the receiving end of a digital attack.Part two of the book details threat hunting and analyzing advanced cyber threats. There are many tools that can be used for analysis and attribution. As to attribution, DiMaggio cautions that this is not a trivial endeavor and notes that far too many companies and countries have jumped the gun when it comes to attribution, which they later regretted by blaming the wrong perpetrator.For those looking for a guide to help them understand the new world of cyber war, The Art of Cyberwarfare provides the reader with a good overview of this expanding threat and what they can do to avoid being a victim.

Thank you Jon DiMaggio for sharing so many practical advise and knowledge. I have learnt a tremendous amount of information and even skills from this book. Looking forward to reading your future books too.

Mon premier livre dans la CTI. J'ai beaucoup apprécié et beaucoup appris !

must read for cyber professionals

Für mich waren die ersten Kapitel sehr interessant. Die meisten großen Cyber-Angriffe habe ich mitbekommen, aber auch schon wieder verdrängt. Somit war es echt spannend hier nochmals die Ausmaße nachzulesen.Die Bewertung von E-Mail-Header information ist für Anfänger ein guter Einstieg. Aber grade bei SMTP kann man noch viel lernen. Hier ist zu empfehlen über den Tellerrand zu schauenDas letzte Kapitel mit der Übung ist für Einstieger echt gelungen.

Even though first chapters with historical events, are long, they still provide good foundations for later chapters. I especially liked Chapter 8 and OSINT one.Still, pivoting parts would have been better.I highly recommend this book

Found it quite interesting to read