Cybercrime and Espionage
An Analysis of Subversive Multi-Vector ThreatsBy
- Will Gragido, Faculty Member of the IANS Institute where he specializes in advanced threat, botnet, and malware analysis.
- John Pirc, John is an advisor to HP's CISO on Cyber Security and has lectured at the US Naval Post Graduate School.
Cybercrime and Espionage provides a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. This book will educate you on realities of advanced, next generation threats, which take form in a variety ways. The authors, working in conjunction with strategic technology partners have key insights into the realm of what these new threats, dubbed Subversive Multi-Vector Threats or SMTs. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, these threats are real and growing at an alarming pace.
Paperback, 272 Pages
Published: January 2011
"Risks have evolved. We havent. While we stabilize toward checkbox compliance, adversaries and IT accelerate onward. Adversaries know youre compliant - and do not care - theyre counting on it. Lets replace faith-based dogma with intellectual honesty. As fellow Cassandras, Will and John confront you with modern threat models and challenge you to adapt".--Joshua Corman, Research Director for Enterprise Security, The 451 Group "During 2010 three specific names signaled a fundamental shift in the risks that come from dealing in an interconnected world: Project Aurora, Stuxnet, and Wikileaks. This book provides the insights of an intelligence analyst on what got us to this point, and forecasts what information security professionals will be dealing with in the near future".--James Turner, Advisor, IBRS "Cybercrime and Espionage was probably the most comprehensive and relevant book on the cyber security landscape written to date. The authors captured the true essence of the methods and cyber trade craft backed with use case after use case. I find this book a must have for any security professional or executive that has the responsibility for ensuring the protection of their corporate infrastructure."--Alan Kessler VP & GM HP Networking Security Products Group/TippingPoint "John and Will have done a great job in framing the threat landscape and pointing out just how far we have to go in order to truly understand the cyber threats confronting us, to better secure our networks, and to mitigate risk within our respective organizations.Cybercrime and Espionage is a great read and should provide a call to action for any executive management team. Well done."--Nick Lantuh, President of Netwitness Corporation "Overall, this was a really interesting reading material. The authors managed to provide a fresh perspective on the intricacies surrounding modern cyber crime of today, but have not neglected the big picture ." --Help Net Security
Chapter 1. Introduction: Cybercrime and Espionage and the New Security 101
Chapter 2. Evolution Revolution: Maturity of Communications Systems and the Emergence of Advanced Web Technology
Chapter 3. The Silent Killer: How Regulatory Compliance Has Worsened The State of Information Security
Chapter 4. Mediating the Great Divorce: The Convergence of Physical and Logical SecurityNon-State Sponsored: Stealing Chapter 5: Information Is Our Business .and Business Is Good: Asymmetric Forms of Gathering Information
Chapter 6: State Sponsored Intelligence Types
Chapter 7: Cyber X: Criminal Syndicates, Nation states, Sub-National Entities and Beyond
Chapter 8: Rise of the Subversive Multi-Vector Threat
Chapter 9: Seven Commonalities of Subversive Multi-Vector Threats
Chapter 10: Examples of Compromise and Presence of Subversive Multi-Vector Threats
Chapter 11: Hiding in Plain Sight: Next Generation Techniques and Tools for Avoidance and Obfuscation
Chapter 12: Weapons of Our Warfare: Next Generation Techniques and Tools for Detection, Identification and Analysis