National Security: Through The World of Cyber

Running head: NATIONAL SECURITY THROUGH THE WORLD OF CYBER 1

National Security:

Through

The World of Cyber

By: Joseph R Costa Jr

Norwich University

October 18, 2014

NATIONAL SECURITY THROUGH THE WORLD OF CYBER2

Abstract:Get ready to begin a journey into the world of Cyber.

Cybersecurity, Cyber Crimes, and Cyber Terrorism are all of the

hot button topics of the world today. With criminals breaking

into insecure companies servers and stealing your banking, social

security numbers, and other key personal identification

information, we need to learn how to protect ourselves in this

world of Cyber. Cybersecurity starts with you; the user, through

our journey we shall learn ways to protect ourselves in this

online world and what our government is and planning on making

this world safe one for all that enter. We shall talk about

Password Security, Operation Security (OPSEC), and the value of

keeping our devices up to date, and C.I.A; no not the Central

Intelligence Agency, but Confidentiality, Integrity, Availability

and what it means to you. We shall learn about China and their

abilities of attacking through the “Cloud” and what others are

doing to make life harder for you. The Cyber World can be a scary


place for those who are not experienced in the ways of computers

but we shall get through this together and at the end you will

feel a lot better and more prepared to journey in this world.

Shall we begin?

(Press the Power Button to Begin)

Joseph R Costa Jr

Introduction to National Security

Norwich University

October 18, 2014


National Security: Through the World of

Cyber

“Any cyberattack, large or small, is born from a weak link in thesecurity chain. Weak links can take many forms: outdated

software, poorly written code, an abandoned website, developererrors, a user who blindly trusts. Adversaries are committed to

finding these weak links, one and all, and using them to their fulladvantage and using them to their full” (Cisco Networks,

2014)

Since the creation of our country in 1776 by our Founding

Fathers, our government has been there to provide security

through all facets of our lives. We are protected against all

enemies foreign and domestic by our military, we are protected

from disease with the Center of Disease Control and other medical

facilities throughout our country. Our money is protected by the

government in case banks shut down, and we are even protected

from criminal activities in our day to day lives with the

Department of Justice and local and state police forces. However,

what we are not protected from is crime and attacks that come


across our computers, smartphones, and tablets. The cyber world

is like the Wild West, marshals and sheriffs traverse the

landscape and protect the “citizens” of their domains, but when

the bandits come to town they have free reign of these domains

and the innocent people of these domains are the ones whom deal

with the aftermath of such attacks and raids. Unlike the old

western movies, there will be no great hero riding into the

sunset as the credits roll from defeating the bandits because

there cannot be just one hero. We as citizens of the Cyber World

need to stand up against the enemy and band together as one.

Cybersecurity is the responsibility of all persons who traverse

the landscape of the Cyber World. There are steps that need to be

taken in order for you and your loved ones to be safe on this

journey.

History of the Cyber WorldThe history of the Cyber World begins in 1934 with Belgian

information expert Paul Otlet (August 23, 1868 – December 10,

1944), who imagined with the use of technology of the day;

telephone and radio to create a “Radiated Library”. This library


was created on the basis of access and sharing. Throughout his

life, he indexed and cataloged over 15 million books, magazines,

newspapers, photographs, posters, museum pieces, and other

assorted media. It was Otlet’s dream to enable universal access

to all of these items; his global information network was named

the “Mundaneum”. Otlet would go on and inspire future visionaries

of the information science domain and the founding fathers of the

modern internet and World Wide Web. (Popova)

Paul Otlet (Daily Mail UK)

In 1965, two computers at Massachusetts Institute of

Technology communicated with one another using packet-switching

technology. Packet-Switching entails the packaging of data in a

specified format called packets. These packets are then sent over

a form of medium such as; fiber optics or as back in the sixties,

over copper telephone wires. In 1969, computers from UCLA,

Stanford University, and the University of Utah were able to

first speak to each other over a long distance, even though the

first attempt failed because a computer at Stanford crashed.


(Internet Society) Standard protocols were starting to be

established in 1972 and in 1978, the Open Systems Interconnection

(OSI) model was agreed upon. The OSI model is what computers and

networks use to communicate between each other. Starting from the

top, we have the Application Layer where such protocols as HTTP,

POP3, and SMTP are used until it reaches the Physical Layer where

the ones and zeroes are transmitted and delivered to the machine

that you the user are trying to connect to. Throughout the

process, the packets or data that you are sending are

encapsulated with headers and other information used by network

equipment and then later changed over to binary and transmitted

along the medium in which you are connected. (Cisco)

(Escotal)

It All Starts with You; the End User

“In view of all the deadly computer viruses that have beenspreading lately, Weekend Update would like to remind you: when


you link up to another computer, you're linking up to everycomputer that that computer has ever linked up to.” - Dennis

MillerWith the advent of the commercial internet service providers

(ISPs) and the availability of hardware has enabled consumers to

take the World Wide Web with them wherever they so choose. People

nowadays are constantly connected to the internet, whether it is

through a desktop computer, laptop, smartphone, or tablet. Coffee

Shops, Department Stores, and even your local do it yourself

stores are starting to offer free wireless connections to their

customers. With all of this connectivity and unlimited bandwidth

free for all, it is up to the end user to make sure that their

equipment is secured and up to date.

When a user first decides to connect to the glorious world

of the Internet, they have to call a provider, whether it is

Comcast, Verizon, COX, or Time Warner. They enter into a contract

with them for a specified speed. Most users will get around 40-50

Mbps which for the typical home user is more than they will ever

need. The ISP will rent you a modem/router to connect back to

them and will place a standard username and password on the


device, usually admin/admin. Even if the consumer decides to

branch out on their own and purchase their own modem and router,

the standard password is still admin/admin. On these routers

typically is a wireless antenna which allows the end user to

connect their wireless devices to the internet so that they do

not have to pay for any data rates that their cellular provider

might charge them. However these wireless connections are not

secured and are left open. Since these signals are left unsecure,

anyone that is within range of your wireless signal can hop on

and surf the internet, stream music, and of course surf your

local network. If you are anything like the rest of us, you have

downloaded your bank statements to your computer or your bills

and saved them in a nice organized folder somewhere on your

computer. Since your computer network is not secured and the

person that happened to log into your wireless can not see and

steal your bank information and transfer your hard earned money

out of your account. What these ISPs do not tell you is that you

need to change the username and password on your devices away

from the standards, by which means getting away from admin/admin


and choosing a more complicated password. A more complicated

password does not mean using your pet’s or child’s first name and

their birth year as the password. There exists a dictionary of

all passwords that have ever made been that contain eight (8) or

less characters including the special ones. These dictionaries

are called Rainbow Dictionaries. These dictionaries are readily

available to anyone who wants to search for them on Google or

whichever search engine you use on the Internet. (Softonic) What

does this mean to you? Well this means that you need to come up

with a password that has more than eight characters, something

more along the lines of fifteen (15) characters, utilizing upper

and lower case letters, numbers, and special characters. When

passwords are longer and complex it takes the attacker longer to

crack your password. A prime example of a 15 character password

would P@$$W0rd1234567. It is not recommended that you use this

password because this is the example for most 15 character

passwords. There are ways to secure your password even more so.

By using methods such as the picket fence or the Caesar Cipher,

both are quite useful in “encrypting” your password. The picket


fence encryption is when you take your password and create a

visual picket fence. The standard is to create 3 lines of

characters, you start with the first letter on the first line and

then the second character on the next and so further until you

have three lines, or however many you decide you would like.

Since the standard is 3, once you reach the third line, you start

going back up to till you get to the first line and then continue

the process until you are out of characters. Once you have run

out of letters, you combine the first line, then the second line

and third line. Using our earlier example of P@$$W0rd1234567, it

would look something like this: PW15@$0d246$r37. Will this

password be harder to remember yes, but with the complexity of

this password, it will be near impossible for an attacker to

crack into your system. The Caesar Cipher on the other hand does

not have you creating fence lines but instead has your

reorganizing the alphabet. The standard for this cipher is 13

which mean that you take the thirteenth letter of the alphabet

and place that letter under “A” and the continuing with the


alphabet until you arrive at the letter prior. So for our example

password would look something like this; D@$$K0fr1234567.

Operational Security is not just for users that are in the

armed forces or work for government agencies. Operational

Security is something that everyone from your grandmother to your

youngest child should be using. What is meant by operational

security is; “A process of identifying critical information and

subsequently analyzing friendly actions attendant to military

operations and other activities to: a. identify those actions

that can be observed by adversary intelligence systems; b.

determine indicators that hostile intelligence systems might

obtain that could be interpreted or pieced together to derive

critical information in time to be useful to adversaries; and c.

select and execute measures that eliminate or reduce to an

acceptable level the vulnerabilities of friendly actions to

adversary exploitation.” (US Deparment of Defense, 2005) What

does all of this mean to you, the end user? This means that you

should not be posting on Facebook that you are leaving for

vacation for the next month or posting photos of new and


expensive toys (televisions or gaming systems). Just because you

might not be broadcasting to the world your thoughts and

pictures, friends of friends can still see what you post as soon

as one of your friends likes or comments on your post, meaning

that a person that might not be of high moral fiber can break

into your residence while your away or even while you are

sleeping and make off with your goods. Operational Security is

not limited to what you post online but even to that stranger in

line that appears to be interested in something that you are

carrying or even just you in general. We are not saying that you

shouldn’t have conversations with people that you do not know; we

all started off as strangers to one another but we must be

careful in what we disclose to strangers before we really get to

know them. If a stranger is trying to get more specific about

where you work or more about where you come from and live, it is

best to keep the conversation more generalize and not get into

specifics. The poster below is a perfect example of practicing

OPSEC can do for you.


Operation Security Poster (United States Army)

When it comes to securing your personal computer or

electronic device it is important to use passwords like discussed

prior, but it is also important to use antivirus and antimalware

programs and to keep your system up to date. These programs are

designed to be installed on your system and are updated regularly

from the company which created them; Bitdefender, Symantec,

MacAfee. There are programs out there that will defend a whole

network of systems and they are of course more expensive than

your typical home use software. These programs offer a GUI

(Graphical User Interface) that allows you to manage all systems

that have that software installed on them, and even quarantine

them if a virus or if the system itself is not up to date with a

variety of software like, JAVA, FLASH, or just Windows Updates.

By installing these programs having a strong password on your

system, it will make it more difficult for a hacker to enter your

system. That is why it is also important to make sure that your

computer is always up to date. Attackers seek out machines that

are up to date, by seeking out these machines, attackers can


exploit areas which were not secured in their initial release

from their company, and these are sometimes known as backdoors.

Graphical Representation of Application Compromise (Cisco

Networks, 2014)

Network Security“The ultimate goal of the Internet of Things is to increase

operational efficiency, power new business models, and improvequality of life. By connecting everyday objects and networkingthem together, we benefit from their ability to combine simpledata to produce usable intelligence.” (Cisco Networks,

2014)

Network security is very important especially in the private

and public sectors. The private sector contains 99% of the

businesses that we deal with on a daily basis, whether it is food

shopping, shopping at big box stores, or paying our bills online.

We as consumers trust these business to keep our credit card

information secure from cyber-attacks. Recently we have seen that

some of these big box stores have been attacked and our

information stolen from their computer systems. Companies like


Target, Wal-Mart, and Home Depot are just a few that has let us

down as consumers for protection of our data. Apple Computers is

another company that has been in the new recently for lack of

security on their “Cloud” computing system, which allowed an

attacker to seize and distribute photos of a private nature of a

few our favorite celebrities. (iCloud Hacked, 2014) We however

should feel grateful that the public sector hasn’t taken too many

hits as allowing leaking of personal data about it citizens as of

late. The United States has however had a lot of information

leaked about programs that the NSA and CIA were running by an

Edward Snowden. (Wired.com, 2014) How does one go about securing

a network whether it is for a public or private company?

The OSI Model on page 6, Layers 2 and 3 are where your basic

network functions begin. Layer 2 is where data is transmitted

from your computer to the access layer switch. A network switch

is a device that transmits packets back and forth to ports in

which it is designated to go to. Switches today are a lot smarter

than the devices that they replaced years ago. Hubs as they were

called years ago would flood traffic to allow ports that were


active on the device. Nowadays, switches have ARP tables [Tables

that are located on Layer 2 equipment] which are filled with MAC

addresses of the computer or device that is connect to an active

port. A MAC Address is like a social security number for a

person. They are unique identifiers on the Network Interface Card

inside of the device. Traffic that is for a device located

outside of the local network is sent to a router that then pushes

information across a medium, whether it is copper or fiber.

Routers work at the Layer 3 of the OSI model. Routers are really

the brains of the entire operation of networking, without

routers, the world would never be able to get outside of their

local network and data sharing over vast distances would near

impossible. Since both routers and switches are key components to

network communication, it is imperative that we secure these

devices first. How do we go about doing this? Like most

enterprise level network equipment, these devices have console

ports which allow an end user to go into the Command Line

Interface to program them. In the programing the Network Engineer

or Manager will input username and passwords for those who will


have access to the device while it is a part of the network.

During this time, access lists are created which will either

permit or deny access to either certain Internet Protocol

Addresses (IP Addresses) or a port in general; such as port 80

(HTTP traffic) or port 110 (POP3 traffic). By putting these

restrictions in place the amount of traffic that is allowed to

come and go from the network can be diminished and more secure.

Also at this time, encryption is set on these devices and how

many bits [size] the encryption will be. The standard for

government network equipment is between 1024 and 2048 bits. The

further you go up the chain, the more secure network devices

become. The edge of the network, the area in which your local

network connects to the ISP, there is a firewall. A firewall is

what lets traffic come and go from your network; again this is

where access lists are involved and they are set up the same way.

When it comes to Network Security, it is important to

remember C.I.A. Confidentiality, Integrity, and Availability.

Confidentiality means that when you send an email to someone they

are the only person that will get it. Integrity means that the


message that you sent is a legitimate email from you, and

availability is that the network is operating to its full

potential and emails are able to get through to whom they need

to. In confidentiality, keeps sensitive information from reaching

the wrong hands by having the data encrypted or having password

protected. The new norm is having, two factor authentication,

which is having two forms of identification. Which could be

something you know, have, or a part of you; such as a password, a

token, and a finger print. The Department of Defense for example

uses what you know and what you have, a pin number and a common

access card. If either one of these keys were to fall in the

wrong hands, they would not be able to access your system because

they do not possess the other half of the key needed. Integrity

is maintaining the consistency, accuracy, and reliability of data

through its travels, meaning that once the data has left your

computer it is not touch in in way, shape, or form along its

route to the destination computer. Availability is again that the

network is operating at its full potential. To keep a network up

and running to its optimum performance, hardware and software


need to monitored for critical updates, meaning that if a new

firmware or security patch comes out it needs to be installed.

Also when it comes to availability, a backup and recovery plan

need to be in place, for those unplanned events. By having

battery backups and physical backups of your data will help in

the event of a either a power outage or hardware malfunction or a

system crashes. It is a good idea also depending on the size of

the company or government agency to have a complete backup

location where if the event of a terrorist attack and your

building happens to be taken down, the backup site could be

turned up and everything would work from the remote site, minus

time it takes to get the site hot.

Cyber Warfare on your Network

“Today’s critical infrastructure networks are key targets for cyberattack because they have grown to the point where they run thecommand and control systems, manage the logistics, enable the

staff planning and operations, and are the backbone of theintelligence capabilities. More importantly today, most commandand control systems, as well as the weapon systems themselves,

are connected to the GIG [Global Information Grid] or haveembedded computer chips.” (Winterfeld, 2014)


Cyber Warfare can come at your network/system at any

possible time by anyone. There are various types of attacks;

there are viruses, spyware/malware, man in the middle, spoofing

of MAC/IP addresses, phishing/whaling, and botnets. Viruses come

in a variety of flavors as well such as; Trojans, Logic Bombs,

Root Kits, and Worms. Nobody wants to get a virus on their

computer, unless of course you job is to figure out what these

viruses do, but that is beside the point. A Trojan virus hides

itself inside of a program, a “friend” of your emails you the

latest episode of The Game of Thrones, you open the email and see

that it is in a format that your no typically used but however it

claims that it will open with Microsoft Media Player, next thing

you know, your computer is infected with a virus and your

computer crashes. This is typically what viruses will do, they

infect your computer and they will start eating away at certain

programs. Some target antivirus programs, other will attack your

folders in your start menu, or some will even go as far as

knocking out your computer for good; unless of course you

remember where you keep your backup copy. Logic Bombs are hidden


viruses that are set to go off when a certain period is reached,

whether it is by time/date or with a certain number of clicks

here and there. You are probably thinking, I had an antivirus

program, I am all set. You cannot be any further from the truth.

The people that are coming up with these viruses are getting

smarter; they are programming these viruses to grow and learn and

how to defeat your antivirus program. Antivirus programs are just

there to make you feel warm and fuzzy. Some viruses are even

programmed to hide in plain sight and act like just another

application that you have installed on your computer. The only

way to officially make sure a virus is 100% gone off of your

computer or your network to start from scratch and hope that the

virus did not get onto any of your back up data or you will

continue to have this problem. Spyware/Malware are programs and

text files that happened to downloaded from websites that you

happen to visit. The “webmaster” that develop and design websites

tend to throw them to gather data about the type of people that

visit their site. Some just do it to gather information about

your systems to see if they can get into your computer while you


are not paying attention. Programs that you download for free

from the Internet will also sometimes carry these programs as

well. They will come in the shape of toolbars for Google,

Ask.com, or some other kind of search bar feature that you do not

need. When downloading free applications from the web, make sure

it is from a well-known site and not some fly by night website.

Men in the Middle attacks are actually what they are called.

A person will attach themselves to your network and they will see

all the traffic that goes across your network with a program that

sniffs packet traffic. A program such as Wire Shark will be used

to see all traffic that is flowing across your network without

you even knowing about it. Depending on your layers of security

that you have on your network equipment, the packets following

through should be encrypted and the attack will not be able to

get information from your system.

(Computer Hope)

Phishing and Whaling is the same thing, it just depends on

your station within your company, if you are just a regular

employee or a big CEO for a Fortune 500 company. Phishing is an


email that you receive from your company’s “Helpdesk” stating

that your account has been compromised and that you need to send

them your password for them to change it for you. Many people

will fall for this attack and will actually fill out the

information and return the information back to the “Helpdesk” and

then wonder why they are being locked out of the system after the

real Helpdesk sees what the user account has been trying to

access and blocks their account. Attackers who send these types

of emails are trying to gain to your company network by any means

necessary. With good information assurance training, one can be

taught how to spot these types of emails and what do to with

them.

Botnets are a group of computers that have been taken over

by an attacker by a virus that they have sent you or by

haphazardly downloading a program from a seedy website. Your

computer will become a “bot/zombie” in the attacker’s control.

You will not notice any real difference on your computer other

than it is running a little slow or your central processing unit

is running very high even when you are not actively using your


computer. The point of a Botnet is to gather a group of computers

to perform complex tasks that would too much to handle for one

computer, sending spam email out, or even a Distributed Denial of

Service attack (DDoS). A DDoS or DoS (Denial of Service) is an

attack on a piece of network equipment or on a server. A

computer(s) will send ICMP (Internet Control Message Protocol)

such as a ping to a computer over and over again, until such time

the piece of equipment or server cannot take anymore attempts to

connect to another machine that the system will crash.

(NCTA.com)

Now that we know what to look out for when it comes to these

attacks, but who is behind them? There are many terms for an

attacker; Hacker, Black Hat, Hacktivist, Script Kiddie. All of

these names mean all the same thing, they are going to try an

attack your system. There are organizations worldwide that teach

individuals to attack computer systems, other just learn how to

do it by watching videos on YouTube or reading books that can be

found on the subject at any bookstore. China is one the countries

along with the United States in teaching soldiers and citizens to


become hackers. According to Colonel Spade who wrote; “China’s

Cyber Power and America’s National Security” states that China is

transforming their military and defense systems by a method of

“informationization” which includes a networked military and

development of cyber capabilities. China’s push for “Revolution

of Military Affairs” (RMA) has increased the emphasis on

communication networks that link all services, joint training,

modernization of equipment, and the acquisition of power

projection platforms. The RMA also includes a strong emphasis on

information warfare, information dominance with a goal to

establish control of an adversary’s information and data flow,

while denying or degrading the enemy’s ability to transmit,

receive, access or use information. China has established two spy

network stations in Cuba under the permission of Fidel Castro.

Their mission was to monitor U.S. Internet traffic and monitor

DOD communications. During this same time frame China announced

the creation of its cyber warfare units. During this espionage

attack between 10 – 20 terabytes of data was extracted from the

Pentagon’s unclassified network, and other defense contractors.


This attack was called Titan Rain, it systematically target DOD

networks and extracted the data through servers in Hong Kong and

South Korea.

National Security“The security of a nation’s online environment is dependent on anumber of stakeholders with differing needs and roles. From the

user of public communications services to the Internet ServiceProvider supplying the infrastructure and handling everyday

functioning of services, to the entities ensuring a nation’s internaland external security interests – every user of an information

system affects the level of resistance of the national informationinfrastructure to cyber threats.”

(NATO Cooperative Cyber Defence Centre of Excelllence Tallinn,

Estonia, 2012)

National Security in the World of Cyber has finally come to

a head. A lot of information has been put out in this paper but

what does it all mean? How can one person make a difference to so

many? It is our responsibility of being an American Citizen to

protect our critical cyber infrastructure from those who mean to

bring it harm. All systems nowadays are run by computers, whether


it is the electrical grid, the water supply, or even the

transportation department. Every department in every local,

state, or federal government are running computer systems to help

automate the day to day activities and to monitor and push out

information to the end user or administrator on when there is an

issue. The President of the United States has put out an

executive order; Executive Order 13636 that states in the matter

of 12 sections that a framework will be created on how to handle

our cyber security in the United States. In 2012 NATO put a 253

page document on how to handle cyber security;

“Despite increasing awareness of the associated risks,

consumers and large businesses do not take advantage of

available technology and processes to secure their

systems, nor do they take protective measures to blunt

the evolving threat. This general lack of investment

puts firms and consumers at greater risk, leading to

economic loss at the individual and aggregate level and


thus poses direct a threat to national security” (NATO

Cooperative Cyber Defence Centre of Excelllence

Tallinn, Estonia, 2012)

The United States has seen the writing on the wall and has

started concocting ways to fight this Cyber Warfare. The United

States military branches each have their own Cyber Security teams

with the sole responsibility to protecting our nation against

attack in the realm of Cyber. For example the United States Army

has the Cyber Network Defense Team whose responsibility is to

look for attacks against the United States and their [un]secured

networks and to be able to stop them. The United States has more

than just the military looking out for us in the cyber world; we

also have the National Security Agency which monitors all sorts

of communication traffic.

Afterword“Addressing a nation’s cyber security needs is no easy task.

Indeed, it is not even always apparent what those needs exactlyare, or what protecting (or not protecting) a nation’s cyber

environment actually entails. Quite often there are different andcompeting considerations within each nation’s approach. Yeteach nation is faced with a steadily increasing level of cyber


threat, and thus requires the nation’s leadership to recognise thestrategic problem and set forth goals and strategies to addressit.” (NATO Cooperative Cyber Defence Centre of Excelllence Tallinn, Estonia, 2012)

The Cyber World is a rough place to reside, with so many

bandits running around and not enough Sheriffs and Marshals to go

around. It is up to the citizens of this world to protect

themselves against attacks on their systems. By creating stronger

passwords and keeping our systems up to date, we can keep these

bandits at bay. Our federal government is looking out for our

best interests when it comes the Cyber World but only through due

diligence can we remain safe. There was a lot of information put

out about passwords and password security. The reason is, that

passwords are what we use to log into our systems at both work

and at home. If you happen to work for a government agency,

password security and information assurance are big topics that

need to be review on a yearly basis. People tend to leave

password information lying around their desk areas and these

passwords are easily compromised, which can lead attackers

gaining your personal information and using your bank accounts


for their own purposes. If someone were to answer an email asking

for your password and you work for a government agency, you might

have let in an attacker in the network, which could lead to

classified information being stolen or leaked to the news. If

information is leaked to the news or the wrong people, men and

women who are serving this country in a military or a secret

position it is possible that their lives are now being put at

risk.

(Press the Power Button to Shutdown)


BibliographyCisco Networks. (2014). Cisco 2014 Midyear Security Report. United States: Cisco.

Clarke, R. A. (2010). Cyber War: The Next Threat To National Security And What To Do About It. Harper Collins.

Computer Hope. (n.d.). Man in the Middle Attack. Retrieved October 18, 2014, from ComputerHope.com: http://www.computerhope.com/jargon/m/mitma.htm

Daily Mail UK. (n.d.). Photograph of Paul Otlet. Retrieved October 18, 2014, from Dailymail.co.uk: http://i.dailymail.co.uk/i/pix/2012/06/08/article-2156249-1380564F000005DC-228_306x423.jpg

Department of Commerce Internet Policy Task Force. (2011, June). Cybersecurity, Innovation and the Internet Economy.

Department of Homeland Security. (2011, November). Blueprint for a Secure Cyber Future: The Cybersecurity for the Homeland Security Enterprise.

Escotal. (n.d.). OSI.GIF. Retrieved October 18, 2014, from ESCOTAL.com: http://www.escotal.com/Images/Network%20parts/osi.gif

iCloud Hacked. (2014, October 21). Retrieved October 22, 2014, fromReuters: http://www.reuters.com/article/2014/10/21/us-apple-china-security-idUSKCN0I92H020141021

Institue for Information Infrastructure Protection. (2009). National Cyber Security Research and Development Challenges: Related to Economics, Physical Infrastructure, and Human Behavior.


Internet Society. (n.d.). Internet Society. Retrieved October 22, 2014, from History of the Internet: http://www.internetsociety.org/internet/what-internet/history-internet/brief-history-internet

Kizza, J. M. (2014). Computer Network Security and Cyber Ethics. Jefferson, NC: McFarland & Company, Inc.

National Institute of Standards and Technology. (2014, February 12). Framework for Improving Critical Infrastructure Cybersecurity.

NATO Cooperative Cyber Defence Centre of Excelllence Tallinn, Estonia. (2012). National Cyber Security Framework Manual.

NCTA.com. (n.d.). BOTNET-Finalv5. Retrieved October 18, 2014, from NCTA.com: https://www.ncta.com/platform/wp-content/uploads/2013/04/botnet-finalv5.jpeg

Obama, P. B. (2013, February 12). Executive Order 13636 of February 12, 2013 Improving Critical Infrastructure Cybersecurity.

Obama, P. B. (2009). The Comprehensive National Cybersecurity Initiative.

Popova, M. (n.d.). The Birth of the Information Age: How Paul Otlet's Vision for Cataloging and Connectiing Shaped Our World. Retrieved October 18, 2014, from BrainPickings.org: http://www.brainpickings.org/2014/06/09/paul-otlet-alex-wright/

ShutterStock.com. Stock Photo Technology Planet. ShutterStock, New York, New York.

Softonic. (n.d.). Rainbow Dictionary Download. Retrieved October 22, 2014, from Softonic: http://en.softonic.com/s/rainbow+dictionary


Spade, C. J. (2012, May). China's Cyber Power and America's National Security.

United States Army. (n.d.). Retrieved October 18, 2014, from OPSEC Primer: http://usarmy.vo.llnwd.net/e2/c/images/2013/06/17/300436/size0.jpg

United States of America. (2003, February). The National Strategyto Secure Cyberspace.

US Deparment of Defense. (2005). Operation Security. Retrieved October 18, 2014, from The Free Dictionary.com: http://www.thefreedictionary.com/operations+security

Winterfeld, J. A. (2014). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. Waltham, MA: Elsevier.

Wired.com. (2014, August 21). Edward Snowden. Retrieved October 22, 2014, from Wired.com: http://www.wired.com/2014/08/edward-snowden/

Documents

National Security: Through The World of Cyber