Develop a Well-Measured Defense Against Cybercriminals
When we speak of the hacker mind, then, we have come to mean the mind of a miscreant motivated by a broad range of ulterior purposes. We mean script kiddies who download scripts written by others and execute them with the click of a button, we mean vandals with limited impulse control, we mean thieves of data, and then we mean all the people who use that data for extortion, corporate or industrial espionage, state-level spy craft, identity theft, grand larceny, blackmail, vicious revenge, or terror. That's lots of kinds of minds, needing to be understood, needing to be profiled, needing to be penetrated, needing to be known inside and out.
--from the preface by Richard Thieme.
Kevin Mitnick Exposed
The infamous hacker Kevin D. Mitnick allows himself and one of his more significant hacks to be weighed and measured.
Cyber Terrorist: Just a Media Buzzword?
Learn how the second we become narrow-minded about the security of our organizations and the resolve of our cyber enemy is the second we become vulnerable to some of the world's most dangerous minds.
Understand Adversary Models
Can you answer the same questions your adversary will be asking, such as "If I were to attack this target, what effort will be made to identify me, if my attack is detected?"
Characterize Specific Threats
Identify where the real threats to your most critical assets lie and learn to answer the question of why you believe those threats are so real.
Manage the Insider Threat
See how the key to early insider threat detection is in understanding how disgruntled employees move down the critical pathway towards an attack.
Characterize the Extremes - Terrorists and Nation States
See why the authors believe that the concept of cyber terrorism should be viewed as a very real and critical emerging threat.
Monitor a Cyber Stalker
Learn how software concepts such as "WarmTouch" can help restore the psychological insights lost through traditional, technology-driven insider detection techniques.
Case Studies Offer Insight and Lessons
See how characterization theory can be used to analyze some of history's more memorable incidents with 20/20 vision.
Your Solutions Membership Gives You Access to:
Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
"From the Author" Forum where the authors post timely
The complete code listings from the book
These downloadable e-booklets:
WarDriving: Drive, Detect, Defend: Learning to WarDrive
Stealing the Network: How to Own a Continent: Product of Fate: The Evolution of a Hacker
IT Ethics Handbook: Right and Wrong for IT Professionals: Ethics for Programmers and Analysts
Richard Thieme's Islands in the Clickstream: Reflections on Life in a Virtual World
ABOUT THE AUTHORS
Tom Parker is a computer security analyst who, alongside his work providing integral security services for some of the world's largest organizations, is widely known for his vulnerability research on a wide range of platforms and commercial products. His more recent work includes the development of an embedded operating system, media management system and cryptographic code for use on digital video band (DVB) routers, deployed on the networks of hundreds of large organizations around the globe. In 1999, he helped form Global InterSec LLC, playing a leading role in developing key relationships between GIS and the public and private sector security companies. Whilst continuing his vulnerability research, focusing on emerging technologies and new vulnerability exploitation techniques, Tom spends much of his time researching methodologies aimed at characterizing adversarial capabilities and motivations against live, mission-critical assets, providing methodologies to aid in adversarial attribution in the unfortunate times when incidents do occur. Currently working as a security consultant for NetSEC, a provider of managed and professional security services, Tom continues his research into finding practical ways for large organizations to manage the ever-growing cost of security through the identification of where the real threats lie, thereby defining what really matters. Tom is a contributing author to "Stealing the Network: How to Own a Continent" by Syngress Publishing (ISBN: 1-931836-05-1).
Matthew G. Devost is President and CEO of the Terrorism Research Center, Inc., overseeing all research, analysis and training programs. He has been researching the impact of information technology on national security since 1993. Matthew is certified in the National Security Agency's INFOSEC Assessment Methodology and is an instructor for the Threat, Exposure and Response Matrix (TERM) methodology. He is a member of the American Society for Industrial Security, the Information Systems Security Association, and the International Association for Counterterrorism & Security Professionals. He has appeared on CNN, MSNBC, FoxNews, NPR, CBS Radio, BBC television, NWCN, Australian television and over five dozen other domestic and international radio and television programs as an expert on terrorism and information warfare.
Marcus H. Sachs is the Director of the SANS Internet Storm Center and is a cyberspace security researcher, writer, and instructor for the SANS Institute. He previously served in the White House Office of Cyberspace Security and was a staff member of the President's Critical Infrastructure Protection Board. While a member of the White House staff, Marcus coordinated efforts to protect and secure the nation's telecommunication and Internet infrastructures, leveraging expertise from United States government agencies, the domestic private sector, and the international community. He also contributed to the National Strategy to Secure Cyberspace, upon his joining of the National Cyber Security Division of the US Department of Homeland Security.
Eric Shaw is a clinical psychologist who has spent the last 20 years specializing in the psychological profiling of political actors and forensic subjects. He has been a consultant supporting manager development and organizational change, a clinician aiding law enforcement and corporate security, an intelligence officer supporting national security interests and a legal consultant providing negotiation and litigation assistance. He has also provided cross-cultural profiling for the U.S. Government on the psychological state and political attitudes of figures such as Saddam Hussein, Iranian revolutionary leaders under Khomeini, senior Soviet military commanders, as well as Yugoslav, Laotian, Cuban and other military and political leaders.
Ed Stroz (CPA, CITP, CFE) is President of Stroz Friedberg, LLC, which he started in 2000 after a sixteen-year career as a Special Agent for the Federal Bureau of Investigation (FBI). Stroz Friedberg performs investigative, consulting, and forensic laboratory services for the most pre-eminent law firms in the country. In 1996, while still a Special Agent, he formed the FBI's Computer Crime Squad in New York City, where he supervised investigations involving computer intrusions, denial-of-service attacks, illegal Internet wiretapping, fraud, money laundering, and violations of intellectual property rights, including trade secrets. Among the more significant FBI investigations Ed handled were: Vladimir Levin's prosecution for hacking a US bank from Russia; the hack against the New York Times web site; the Internet dissemination by "Keystroke Snoopers," a hacking group responsible for a keystroke capture program embedded in a Trojan Horse; Breaking News Network's illegal interception of pager messages; the denial of service attack against a major business magazine; efforts to steal copyrighted content from the Bloomberg system; and the hack of a telecommunications switch.
TOC
Foreword by Jeff Moss
Chapter 1: Introduction
Chapter 2: Theoretical Characterization Metrics
Chapter 3: Disclosure and the Cyber Food Chain
Chapter 4: Rating the Attack: Post-Incident Characterization Metrics
Chapter 5: Asset Threat Characterization
Chapter 6: Bringing It All Together: Completing the Cyber Adversary Model
Chapter 7: WarmTouch: Assessing the Insider Threat and Relationship Management
Chapter 8: Managing the Insider Threat
Chapter 9: The Cyber Adversary in Groups: Targeting Nations' Critical Infrastructures
Chapter 10: Characterizing the Extremes - Terrorists and Nation States
Chapter 11: Conclusions
Chapter 12: Return on Investment
Glossary