Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Information Warfare", Michael Erbschloe

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKINFWFR.RVW 20020721 Information Warfare , Michael Erbschloe, 2001, 0-07-213260-4, U$29.99 %A Michael Erbschloe %C 300 Water Street, Whitby, Ontario
    Message 1 of 1 , Oct 8, 2002
      BKINFWFR.RVW 20020721

      "Information Warfare", Michael Erbschloe, 2001, 0-07-213260-4, U$29.99
      %A Michael Erbschloe
      %C 300 Water Street, Whitby, Ontario L1N 9B6
      %D 2001
      %G 0-07-213260-4
      %I McGraw-Hill Ryerson/Osborne
      %O U$29.99 800-565-5758 905-430-5134 fax: 905-430-5020
      %P 315 p.
      %T "Information Warfare: How to Survive Cyber Attacks"

      In both the preface and the introduction, the author makes a point of
      stating that this book is different from others in the field, that it
      does not simply use the old military paradigm to analyze information
      warfare, and, as a result, will be more useful to business. It is,
      therefore, rather startling to find, in chapter one, background basics
      that stick strictly to the military model. Everything is presented
      purely from the perspective of single attacker and single defender,
      and it's definitely black hat versus white. The model thus
      constructed is weak in several areas, and would not seem to be able to
      even address a number of issues. For example, writers such as Dorothy
      Denning (cf. BKINWRSC.RVW) postulate the potential harm that can arise
      from corrupted data and other misinformation, which may be used for
      purposes ranging from propaganda to degrading decision systems. And
      what do we do about business situations, where today's colleague may
      be tomorrow's competitor? Chapter two uses profligate verbiage to
      list a few points about economic impacts that will come as no surprise
      whatsoever to anyone with the slightest background in business impact
      analysis. In chapter three, Erbschloe turns to fiction. He proposes
      a scenario in which a gang of cyber-terrorists causes one trillion
      dollars worth of damage. In doing so, the author demonstrates that a)
      his experience in information warfare is limited to viruses, b) his
      experience with viruses is limited to Loveletter, and c) he believes
      all the movie stereotypes about "hackers." Black hat communities are
      seldom as cosmopolitan as the one proposed. They are never as
      original: multiple viruses based on the model used would quickly be
      caught by generic means. It is also a lot easier to write simple
      virus variations than it is to break into specific targeted systems
      for specific targeted information.

      We are told, in chapter four, that in order to fight against the
      information warfare threat, all governments and militaries must get
      together. (Can we hear a chorus of "And do it my way!" swelling in
      the background?) Then we have a relay of military strategies in
      chapter five. Supposedly chapter six turns to corporate strategies,
      but with the emphasis on terrorists and the FBI, we seem to be back to
      the military again. A number of tables are used to assert that
      terrorists and rogue criminals are interested in attacking various
      industries. (Proof of these statements seems to be singularly
      lacking.) Chapter eight lists companies proposed to be in the
      "information warfare" reserve: able to provide expertise in the event
      of an attack. In light of the recent business debacles, these lists
      unintentionally provide some of the most humorous reading in the book.
      (For those who know the security problems of some of these companies,
      the lists are even funnier.)

      Tellingly, the material on the civilian "casualties" of infowar, in
      chapter nine, is the most restricted in the book. Chapter ten seems
      to move into fiction again. Erbschloe, without much in the way of
      evidence, says that the "geek in the basement" brigade is now about to
      turn pro, en masse. (He also states that we are going to have a
      skilled and active black hat population of 600,000 by 2005.) The
      statement, in chapter eleven, that we need more skilled law
      enforcement people is unsurprising, and also unhelpful. The
      conclusion, in chapter twelve, that we need more money and attention
      for security is equally useless.

      This is a verbose reiteration of minor points that are evident to
      anyone with any background in security, let alone specialists in the
      information warfare field. Mind you, the book was probably not
      intended for experts. However, readers with no knowledge of data
      security are likely to be misled. They will feel that they have been
      taught about information warfare. They haven't.

      copyright Robert M. Slade, 2002 BKINFWFR.RVW 20020721

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      In Germany they came first for the Communists, and I didn't speak
      up because I wasn't a Communist. Then they came for the Jews,
      and I didn't speak up because I wasn't a Jew. They came for the
      trade unionists, and I didn't speak up because I wasn't a trade
      unionist. Then they came for the Catholics, and I didn't speak
      up because I was a Protestant. Then they came for me, and by
      that time no one was left to speak up. - Martin Neimoeller
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.