Reverse Deception: Organized Cyber Threat Counter-Exploitation

Authors: Sean Bodmer
Tags: General, Computers, security
personal leverage.
    The book has three parts. Part I introduces some basic concepts:
The history of deception and how it applies in the cyber realm
The age of modern cyber warfare and counterintelligence, and how it affects every enterprise, company, organization, university, and government
Why the tactics and techniques of counterintelligence are such an important tool for every stakeholder involved with securing your enterprise
A basic legal explanation of capabilities and limitations of prosecutable versus nonprosecutable investigations, and where and when it is worthwhile to implement criminal profiling, deception, and disinformation
     
    Part II discusses techniques and approaches to defending against threats, intended to empower administrators and security personnel to act, but more important, to be proactive in their efforts:
How to analyze and react to advanced intrusions and intruders at a much deeper level than is typically done today
How to implement deception and disinformation against advanced threats in order to drive/push them in directions you desire
Functional methods and tactics that can be used to attack the minds and morale of persistent threats while operating within your own network
The nature of different motivations for online malicious/criminal behavior
     
    Part III finishes up with the following topics:
Case studies of prior experiences of the authors where deception and disinformation were used against advanced threats in order to perform attribution
Concepts and methods for validating whether your counterintelligence operations are working on your threat or adversary
     
    As you read through this book, think of it as an operational manual of successful best practices. All of the contributors understand our areas of specialty and each other’s accordingly. We fully believe this book contains successful strategies for regaining control of your enterprise from as many persistent and advanced threats that are targeting you, with as little mitigated harm to your operations, and as much desired damage to the morale of your threats and adversaries as possible.
    This guide has plenty of fear, uncertainty, and doom (FUD), since today everyone is a target—whether you are a stakeholder of an enterprise, a professional, or a member of the family of a professional. In today’s world, everyone is a desired target, and the threats range from the casual, curious hacker all the way up to the highly skilled state-sponsored hacker.
    Finally, keep in mind that some of the acronyms used in this book have connections to military or government vernacular or terminology, as most of us come from a Department of Defense, Department of Justice, or intelligence community background.
    Why should you read this book? Because you have a computer connected to the Internet, and there’s valuable information, honor, and money at stake (did we mention there will be a lot of FUD in this book?).

CHAPTER 1

    State of the Advanced Cyber Threat

    Have You Heard About the APT?
    So have you heard about advanced persistent threats (APTs)? Everyone has by now, and they’re not going away any time soon. The only things that have changed over the years are the tools and tactics involved in performing exploitation of enterprise networks and maintaining persistent control of the victim’s network. We personally do not believe in the advanced part of the acronym, unless the threats involve specific zero-day exploits (which are exploits that have been developed for vulnerabilities that have not been seen in the wild prior to that date) that were not publicly disclosed or exploits that are tailored for the specific victim.
    Most threats today are meant to be persistent and to maintain remote control of the victims for as long as possible without detection in order to use the resources of the victim’s machine or to gather information for as long as possible. In most of the public lectures that have been given around the world,
