ISSA INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES

Cyberwarfare: Information Operations in a Connected World

SECOND EDITION

Mike Chapple | David Seidl

World Headquarters
Jones & Bartlett Learning
25 Mall Road, Suite 600
Burlington, MA 01803
978-443-5000
[email protected]
www.jblearning.com

Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com.

Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to [email protected].

Copyright © 2023 by Jones & Bartlett Learning, LLC, an Ascend Learning Company

All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner.

The content, statements, views, and opinions herein are the sole expression of the respective authors and not that of Jones & Bartlett Learning, LLC. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not constitute or imply its endorsement or recommendation by Jones & Bartlett Learning, LLC and such reference shall not be used for advertising or product endorsement purposes. All trademarks displayed are the trademarks of the parties noted herein. Cyberwarfare: Information Operations in a Connected World, Second Edition is an independent publication and has not been authorized, sponsored, or otherwise approved by the owners of the trademarks or service marks referenced in this product.

There may be images in this book that feature models; these models do not necessarily endorse, represent, or participate in the activities represented in the images. Any screenshots in this product are for educational and instructive purposes only. Any individuals and scenarios featured in the case studies throughout this product may be real or fictitious but are used for instructional purposes only.
22831-1

Production Credits
VP, Content Strategy and Implementation: Christine Emerton
Product Fulfillment Manager: Wendy Kilborn
Director of Product Management: Laura Carney
Composition: Straive
Product Manager: Ned Hinman
Project Management: Straive
Content Strategist: Duffy
Cover Design: Briana Yates
Content Coordinator: Mark Restuccia
Media Development Editor: Faith Brosnan
Project Manager: Kristen Rogers
Rights & Permissions Manager: John Rusk
Senior Digital Project Specialist: Angela Dooley
Rights Specialist: James Fortney
Director of Marketing: Andrea DeFronzo
Cover Image (Title Page, Part Opener, Chapter Opener): © Yurii Andreichyn/Shutterstock
Marketing Manager: Suzy Balk
Content Services Manager: Colleen Lamy
Printing and Binding: McNaughton & Gunn
VP, Manufacturing and Inventory Control: Therese Connell

Library of Congress Cataloging-in-Publication Data
Names: Chapple, Mike, 1975- author. | Seidl, David, author.
Title: Cyberwarfare : information operations in a connected world / Mike Chapple, David Seidl.
Description: Second edition. | Burlington, Massachusetts : Jones & Bartlett Learning, [2023] |
Identifiers: LCCN 2021013019 | ISBN 9781284225440 (paperback)
Subjects: LCSH: Cyberspace operations (Military science) | Information warfare. | Computer security.
Classification: LCC U167.5.C92 C43 2023 | DDC 355.4/1–dc23
LC record available at https://lccn.loc.gov/2021013019

6048
Printed in the United States of America
25 24 23 22 21 10 9 8 7 6 5 4 3 2 1

Contents

Preface
Acknowledgments
About the Authors

PART ONE The Cyberwarfare Landscape

CHAPTER 1 Information as a Military Asset
What Is Cyberwarfare?
Likelihood of Cyberwar
The Evolving Nature of War
The Role of Information in Armed Conflict
Ancient Warfare
World Wars
Cold War
Iraq War and Weapons of Mass Destruction
Domains of Warfare
Exploring the Cyber Domain
Offensive Information Operations
Defensive Information Operations
Information Operations Techniques
Computer Network Attack
Computer Network Defense
Intelligence Gathering
Electronic Warfare
Psychological Operations
Military Deception
Operations Security
Identification of Critical Information
Threat Analysis
Vulnerability Analysis
Risk Assessment
Countermeasure Implementation
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 1 ASSESSMENT

CHAPTER 2 Targets and Combatants
Traditional Military Targets
Military Targets in Conventional Warfare
Acceptable Targets, Treaties, and International Law
Cyber Targets in Unconventional Warfare
Targets in Asymmetric Cyberwarfare
Total Cyberwarfare
Cyberwarfare Targets
Cyberwarfare Against Traditional Military Targets
Iran Versus U.S. Drones
Flame: Replacing Spies with Software
The First U.S. Cyberwar Strike: Serbia and Kosovo
Nontraditional Cyberwarfare Targets
Political Activism and Hacktivism
Industrial Espionage
Military Cyberattacks on Nontraditional Targets
Targets of Information Operations
Combatants in Cyberwarfare
Military Forces
U.S. Cyber Command
Guerrilla Cyberwarriors and Insurrectionists
Individuals and Small Groups
The Jester
Comparing Traditional Warfare, Guerrilla Warfare, and Cyberwarfare
How Cyberattack Differs from Traditional War
The Element of Surprise
Deniability
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT

CHAPTER 3 Cyberwarfare, Law, and Ethics
Kinetic Warfare
International Law and Kinetic Warfare
Legal Review and Legality of Actions
Cyberwarfare Law
Cyberwarfare in a Kinetic Warfare Context
Kinetic Warfare Law in a Cyber Context
The Tallinn Manual
Sovereignty, Jurisdiction, and Control
Sovereignty
Jurisdiction
Control
Responsibility
Mercenaries
The Use of Force
Measuring Force
Threats of Force
Self-Defense
International Governmental Organizations
Civilians and Infrastructure
Civilians and Military Use of the
Prohibited Targets: Children, Journalists, Medical and Religious Personnel, and Nature
The Conduct of Attacks and Indiscriminate Means
Espionage, Treachery, and Ruses
Neutrality
Ethics and Cyberwarfare
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT

CHAPTER 4 Intelligence Operations in a Connected World
Intelligence Operations
The Intelligence Cycle
Planning and Direction
Collection
Processing and Exploitation
Analysis and Production
Dissemination
Intelligence Disciplines
Human Intelligence (HUMINT)
Signals Intelligence (SIGINT)
Open Source Intelligence (OSINT)
Geospatial Intelligence (GEOINT)
Measurement and Signature Intelligence (MASINT)
Intelligence Support to Cyberwarfare
Supporting Offensive Cyberwarfare
Supporting Defensive Cyberwarfare
Case Studies: Media Reporting on Intelligence Activities
Echelon
Telephone Metadata
Data Center Eavesdropping
Follow the Money
Quantum
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT

PART TWO Offensive and Defensive Cyberwarfare

CHAPTER 5 The Evolving Threat: From Script Kiddies to Advanced Attackers
The Changing Threat Model
Historical Hacking
Modern Hacking
Opportunistic Attacks
Semi-Targeted Attacks
Inside the Advanced Persistent Threat
Characteristics of the APT
APT Motivations
Military/Political
Cybercrime and Corporate Espionage
Activism
APT Tradecraft
Zero-Day Attacks
Social Engineering and Phishing
Strategic Web Compromises
The Cyber Kill Chain®
Reconnaissance
Weaponize
Deliver
Exploit
Install
Command and Control
Act on Objectives
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT

CHAPTER 6 Social Engineering and Cyberwarfare
Humans: The Weak Link
Social Engineering
Influence as a Weapon
Reciprocity
Commitment and Consistency
Social Proof
Authority
Liking
Scarcity
Tools of the Social Engineer
Pretexting
Phishing
Baiting
Defending Against Social Engineering
Security Awareness and Education
Incident Reporting and Response
Content Filtering
Penetration Testing
Robin Sage: A Case Study in Social Engineering
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT

CHAPTER 7 Weaponizing Cyberspace: A History
Early Attacks: The 1990s
Solar Sunrise
Honker Union
The 2000s: The Worm Turns
SQL Slammer
Poison Ivy
Senior Suter
Stuxnet and the 21st Century
Stuxnet
Flame
FOXACID
Careto
Russia’s Ukraine Campaign
USCYBERCOM Action Against Russia
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT

CHAPTER 8 Nonstate Actors in Cyberwar
Understanding Nonstate Actors
Nongovernmental Organizations
Corporations
Terrorists and Activists
Individuals and the Media
The Roles of Nonstate Actors in Cyberwar
Targets
Participants
Critics
NGOs in Cyberwar
Aid Groups
Diplomatic Organizations
Religious Organizations
Organized Crime
Corporations
Industrial Espionage
Cooperation with Intelligence Agencies
Terrorists and Activists
Estonia
Syrian Electronic Army
Individuals and the Media
Individual Motivations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT

CHAPTER 9 Defense-in-Depth Strategies
Defense in Depth
Defense-in-Depth Strategies
The NSA People, Technology, and Operations Defense Strategy
People
Technology
Operations
The 20 CIS Controls
The Department of Homeland Security and Defense in Depth
Computer Network Defense and Defense in Depth
Where and Why Defense in Depth Fails
Neglecting Layers: Getting Past the Shell
System Administrators: Trusted Attackers
Attacking the User: Human Factors
Changes in Technology
Designing a Modern CND Strategy
Dynamic Defense
CND and Defense-in-Depth Design
Risk and Threats
Secure Networks
Network Enclaves and Properties
Monitoring
Cryptography
Defense Against Malware
Endpoint Security Design
Physical Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT

CHAPTER 10 Cryptography and Cyberwar
An Introduction to Cryptography
Cryptographic Concepts
Ciphers and Encryption
Key Encryption Terms
Symmetric Ciphers
Enigma: Using and Breaking Wartime Symmetric Encryption
Asymmetric Ciphers
Modern Cryptosystems
Data Encryption Standard
Triple DES
Advanced Encryption Standard
RSA
Hashing and Message Digests
Cryptography in Cyberwar
Computer Network Defense and Cryptographic Systems
Computer Network Attack and Cryptographic Systems
Attacking Cryptography
Brute Force
Acquiring the Keys
Attacking the Algorithm
NSA and RSA
Defeating Attacks on Cryptographic Systems
Defenses
Defense in Depth Using Cryptographic Systems
Weaponizing Cryptography
Defensive Cryptography: Malware Encryption
Offensive Cryptography
Zeus
Cryptolocker and Other Ransomware Malware
The Future of Cryptography in Cyberwar
Attacks
Defenses
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT

CHAPTER 11 Defending Endpoints
Cyberwarfare Endpoints
Types of Endpoints
Computers
Mobile Devices
Industrial Control Systems
Supervisory Control and Data Acquisition Systems
Distributed Control Systems
Programmable Logic Controllers
Military Systems
Drones and Remote Platforms
Weapons Systems
Command and Control
Embedded Systems
Attacking Endpoints
Protecting Endpoints
U.S. Department of Defense Strategy
Zero Trust and Endpoint Security
Physical Security
Policy
Procedures
Configuration Standards
Central Management
Configuration Management
Patches and Updates
Awareness
Information Sharing
Anti-Malware and Antivirus
Network Protection
Encryption
Allow Listing and Deny Listing
Allow Listing
Deny or Block Listing
Testing
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT

CHAPTER 12 Defending Networks
Network Defense in Depth
Identify, Protect, Detect, Respond, and Recover in the Context of Network Defense
Mission Assurance
Surviving Attacks
Network Operational Procedures
Network Security Design
Classification
Network Defense Technologies
Zero Trust
Protocols
Border Gateway Protocol
Transport Layer Security
IPsec
Network Access Control
Network Firewalls
Routers and Switches
Network Security Boundaries
Virtual LANs
Intrusion Detection and Prevention Systems
Security Information and Event Management Systems
Physical Network Protection
Wireless Network Security
Remote Access and Administration
Active Defense
Honeypots, Honeynets, and Darknets
Active Response
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT

CHAPTER 13 Defending Data
Data Classification
Data Loss and Prevention
Data Spills
Data Loss Prevention
Encryption and Data Loss
Data Integrity and Availability
Integrity
Availability
Backups
Redundancy
Data Retention and Disposal
Data Life Cycle Management
Data Labeling
Drives and Media Management
Data Loss Response
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT

PART THREE The Future of Cyberwarfare

CHAPTER 14 Cyberwarfare and Military Doctrine
Military Doctrine
Principles of War
Forms of Warfare
Levels of Warfare
Cyberattack Strikes the Air Force
Organizing for Cyber Operations
U.S. Strategic Command (USSTRATCOM)
U.S. Cyber Command (USCYBERCOM)
Five Pillars of Cyberwarfare
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT

CHAPTER 15 Pandora’s Box: The Future of Cyberwarfare
The Future of Cyberwar
Blurred Boundaries: Cyberwar and Nonstate Actors
Advanced Persistent Threats
Continuous Warfare
Integrating Cyberwar and Kinetic Warfare
Alliances and Partnerships
International Law and Cyberwarfare
Networks Everywhere: Cyberwar in a Highly Connected World
Cyberwar and Infrastructure
Advanced Tools and Training
The Future of Defensive Cyberwar
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT

References

Glossary of Key Terms

Index

This book is dedicated to our friend and colleague, Dewitt Latimer. Rest in peace, dear friend.

Preface

Purpose of This Book

This book is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinking—putting you in the position to solve the cybersecurity challenges not just of today but of tomorrow as well.

Consider this scenario: On a quiet June morning, sometime in the future, military commanders at U.S. Strategic Command in Nebraska gather around a computer screen, pointing at a series of social media posts that have just appeared on their screens. They are somewhat bewildered, because the posts seemed to come out of the blue, and they haven’t heard anything from higher levels of command yet. Here’s what they see:

International Cable News Breaking News: President Jones killed in attack on White House. More to come.

Unified Press Agencies Military troops ordered on high alert after DC attacks. Retaliatory strikes expected.

The commanding general picks up the hotline phone to place a call to the National Military Command Center to obtain further direction. She gets a puzzled look on her face when she hears a rapid busy signal. Normally, the watch officer in Washington answers the phone immediately. She quickly flips on the television and finds static instead of the normal cable news broadcast. A young soldier in the command center turns to a computer connected to the public Internet and finds that he is unable to connect to any websites. The command center has no contact with the outside world and has received information that an attack against the nation’s capital has resulted in the death of the commander in chief.

An alarmed airman approaches the general and reports: “Ma’am, we’ve lost control of one of our Predator drones. Station 6 is no longer able to control the flight, and the drone appears to be following orders from someone else.” The alarmed command staff turns its attention to a monitor that is still streaming live video from the drone over a secure network and watches in horror as the drone begins to land at an airstrip in the Middle East. It is surrounded by inquisitive foreign military officers before the feed goes dead.

Did the attack against Washington actually take place? Is this the beginning of a major armed conflict? Were the social media posts legitimate or the results of cyberattacks against the press’s social media accounts? Are communication circuits dead because of a bomb dropped on a communications complex or a cyberwarfare attack against the command center? How did the enemy gain control of that drone? What is going to happen next?

Of course, this is a fictional scenario. But each of the attacks described here has occurred in one form or another over the past decade. In this book, you will learn about the role that cyberwarfare plays in modern military operations. In today’s connected world, it has become almost impossible to separate cyberwarfare from traditional warfare. The tools and techniques of cyberattacks have become part of the modern military arsenal, and cyberattacks can be expected before, during, and after armed conflict.

This book is divided into three parts. In Part One, you will learn about the history of cyberwarfare. Information is a military asset and has played an important role in armed conflict from the days of Sun Tzu and Julius Caesar to the present. With the emergence of the cyber domain, electronic battles have joined the ranks of air, land, sea, and space warfare. This cyberwarfare leads to a variety of new concerns. Military planners must learn how to select and attack cybertargets. Military ethicists must apply long-standing principles of ethics and the law of armed conflict to domains that were never previously envisioned.

In Part Two of this book, you will learn how offensive cyberwarfare has become an important part of the modern military arsenal. The rise of the advanced persistent threat has changed the face of cyberwarfare, and military planners must now be conscious of the Cyber Kill Chain: the series of cyberwarfare actions that include reconnaissance, weaponization, delivery, exploitation, installation, command and control, and acting on objectives. You will read about the history of cyberwarfare and how it evolved from a novelty in the 1990s to a powerful integrated weapon in recent years. You will learn about the various types of malware that plagued the Internet in the 1990s and early 2000s and how malware evolved into military weapons used to destroy nuclear facilities in recent years. You will also learn how nonstate actors have appeared on the cyberwarfare stage armed with more power than ever before. You will also learn about the defensive strategies that militaries have developed to protect themselves against cyberattacks. The concept of defense in depth is critical to building a well-rounded defense that will stand up to cyberwarfare events. Military defenses have evolved to include technological defenses such as cryptography, endpoint protection, firewalls, and data loss prevention systems.

In Part Three, you will learn how cyberwarfare may evolve in the future. You will read about military doctrine’s evolution to include this new domain of warfare and how military planners use threat modeling and deterrence to plan strategic and tactical cyberwarfare operations. You will also learn how recent events have opened a Pandora’s box, setting the stage for future cyberwarfare attacks.

New to This Edition

This edition is revised and expanded to include new developments in U.S. military cyberwarfare doctrine as well as changes in the U.S. military’s organizational structure for cyberwarfare. The text incorporates recent examples of cyberwarfare operations waged against the United States and its allies as well as examples of offensive cyberwarfare operations undertaken by those nations. Events like the 2020 SolarWinds Orion breach, large-scale cyberwarfare attacks, and defensive concepts like zero trust are all part of the updates. Cyberwarfare changes quickly, and new attacks, threat actors, and methodologies appear constantly. This book will help prepare you to think about cyberwarfare by combining historical context, current operational strategies, and insights into the future.

Learning Features

The writing style of this book is practical and conversational. Step-by-step examples of information security concepts and procedures are presented throughout the text. Each chapter begins with a statement of learning objectives. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional helpful information related to the subject under discussion. Assessments appear at the end of each chapter, with solutions provided in the back of the book. Chapter summaries are included in the text to provide a rapid review or preview of the material and to help students understand the relative importance of the concepts presented.

Audience

The material is suitable for undergraduate or graduate computer science majors or information science majors, students at a 2-year technical college or community college who have a basic technical background, or readers who have a basic understanding of IT security and want to expand their knowledge.

Cloud Labs

This text is accompanied by Cybersecurity Cloud Labs. These hands-on virtual labs provide immersive mock IT infrastructures where students can learn and practice foundational cybersecurity skills as an extension of the lessons in this textbook. For more information or to purchase the labs, visit go.jblearning.com/Cyberwarfare2e

Acknowledgments

The authors would like to thank the many people who contributed to the successful publication of this book. First and foremost, we had a tremendous team of subject matter experts assisting us in the preparation of our manuscript. Justin Hensley, director of information security and infrastructure at the University of the Cumberlands, served as our technical editor and gave us valuable input during the writing process. We would like to thank Melissa Duffy and Ned Hinman of Jones & Bartlett Learning for their continued friendship and support on this project. They helped bring together an incredible team of professionals who ensured its success. This manuscript benefited from the skills of a top-notch editing team. Sheryl Nelson corrected our typos, pointed out areas of ambiguity in the text, and served as a wonderful advisor throughout the project. Thank you all for your guidance and support. We also extend our thanks to Carole Jelen of Waterside Productions, our literary agent. Carole’s decades of experience and wonderful network of contacts proved themselves invaluable once again on this project. Finally, we would like to thank the many people we never met who contributed to this book. Artists, layout specialists, and technical staff at Jones & Bartlett Learning helped this book make the leap from our minds to the printed page or electronic text that you read today. Thank you all for your help.

About the Authors

MIKE CHAPPLE, PhD, is teaching professor of information technology at the University of Notre Dame’s Mendoza College of Business. He previously served as Notre Dame’s senior director for IT service delivery, where he oversaw the information security function. In past positions, he served as both a consultant and an active duty Air Force officer. He is a technical editor for Information Security magazine and has written 25 other books, including the Security+ Study Guide, Information Security Illuminated, and the Official CISSP Study Guide. He earned his undergraduate and PhD degrees from Notre Dame in computer science and engineering. He also holds a master’s degree in computer science from the University of Idaho and an MBA from Auburn University.

DAVID SEIDL is the vice president for information technology and CIO at Miami University of Ohio. During his career, he has served in a variety of technical and information security roles, including serving as the senior director for campus technology services at the University of Notre Dame where he oversaw cloud operations, ERP, databases, identity management, and a broad range of other technologies and services. He also served as Notre Dame’s director of information security, led Notre Dame’s information security program, and previously taught a popular course on networking and security for Notre Dame’s Mendoza College of Business. David has written books on security certification and cyberwarfare including the Security+ Study Guide, The CYSA+ Study Guide, The Official (ISC)2 Practice Tests, and numerous other books. David holds a bachelor’s degree in communication technology and a master’s degree in information security from Eastern Michigan University, as well as CISSP, GPEN, GCIH, CSA+, and Pentest+ certifications.
