The goal of this book is to help the reader understand cyber operations. And discussing cyber attacks is one way to untangle the teams, targets, and tools that compose a cyber operation. While current cyber operations’ reporting can be a challenge to “unpack,” this book defines the terms, describes the operations, and profiles some of the key players that scan our critical infrastructure, broadcast fake news, and influence our elections.

Section I started with tactical operations’ examples (e.g., ISIS, Russia) (Chapter 1). We then reviewed web use for insurgent maneuver. For example, AQI/ISIL/ISIS dynamics roughly map to the classic Mao model in transitioning between insurgency phases (Chapter 2).

Chapter 3 was a background on cyber‐crime. This included a review of the Shadow Brokers and the subsequent proliferation of ransomware. Chapters 4 through 8 described nation‐state cyber operations, including Russia, China, the DPRK, and Iran. And Chapter 9 reviewed independent cyber operators, including the development from hactivists, with simple criminal effects, to the global effects felt from Wikileaks in 2010.

Throughout Section I, we reviewed the development timeline for each of the respective actors. Russia performed nearly continuous cyber operations from the initial use of West German hackers to attempt to penetrate the U.S. Star Wars missile defense program in the 1980s. One thread that became apparent in this review was the prominent role ...