Amazon Price: N/A (as of March 24, 2017 13:43 –
Planes crash into one another midair. Nuclear power plants go berserk. Railroad crossing gates rise, letting cars pass just as trains whistle by. Thousands are injured or killed. The only connection between these seemingly unrelated events is that the systems controlling them are all Internet-driven.
FBI cryptanalyst forensic examiner John Decker, working at the National Counter Terrorism Center in Northern Virginia, uncovers a deadly plot to sabotage a key US defense contractor. When the plot leads to an old Islamist adversary, long thought dead, Special Agent Decker has no idea he is about to be thrust into a diabolical conspiracy that winds to the heart of our national defense.
Amazon Price: $50.00 $36.72 You save: $13.28 (27%). (as of March 24, 2017 13:43 –
Master the tactics and tools of the advanced persistent threat hacker
In this book, IT security expert Tyler Wrightson reveals the mindset, skills, and effective attack vectors needed to compromise any target of choice. Advanced Persistent Threat Hacking discusses the strategic issues that make all organizations vulnerable and provides noteworthy empirical evidence. You'll learn a proven APT Hacker Methodology for systematically targeting and infiltrating an organization and its IT systems. A unique, five-phased tactical approach to APT hacking is presented with real-world examples and hands-on techniques you can use immediately to execute very effective attacks. Review empirical data from actual attacks conducted by unsophisticated and elite APT hackers alike Learn the APT Hacker Methodology–a systematic approach designed to ensure success, avoid failures, and minimize the risk of being caught Perform in-depth reconnaissance to build a comprehensive understanding of the target Obtain non-technical data about the target, including open source, human, financial, and geographical intelligence Use social engineering to compromise a specific system, application, or workstation Identify and attack wireless networks and wireless client devices Spearphish with hardware-based Trojan devices Physically infiltrate target facilities to obtain access to assets and compromise digital lily pads
The Internet, as well as other telecommunication networks and information systems, have become an integrated part of our daily lives, and our dependency upon their underlying infrastructure is ever-increasing. Unfortunately, as our dependency has grown, so have hostile attacks on the cyber infrastructure by network predators. The lack of security as a core element in the initial design of these information systems has made common desktop software, infrastructure services, and information networks increasingly vulnerable to continuous and innovative breakers of security. Worms, viruses, and spam are examples of attacks that cost the global economy billions of dollars in lost productivity. Sophisticated distributed denial of service (DDoS) attacks that use thousands of web robots (bots) on the Internet and telecommunications networks are on the rise. The ramifications of these attacks are clear: the potential for a devastating largescale network failure, service interruption, or the total unavailability of service. Yet many security programs are based solely on reactive measures, such as the patching of software or the detection of attacks that have already occurred, instead of proactive measures that prevent attacks in the first place. Most of the network security configurations are performed manually and require experts to monitor, tune security devices, and recover from attacks. On the other hand, attacks are getting more sophisticated and highly automated, which gives the attackers an advantage in this technology race. A key contribution of this book is that it provides an integrated view and a comprehensive framework of the various issues relating to cyber infrastructure protection. It covers not only strategy and policy issues, but it also covers social, legal, and technical aspects of cyber security as well. We strongly recommend this book for policymakers and researchers so that they may stay abreast of the latest research and develop a greater understanding of cyber security issues.
Click here to buy from Amazon
Amazon Price: N/A (as of March 24, 2017 01:27 –
Public government statements have cited cyber-attacks by terrorists as a major concern for national security. To date, no large-scale cyber-terrorist attack has been observed, but terrorists are known to be using the Internet for various routine purposes. The discovery of Stuxnet in 2010 was a milestone in the arena of cybersecurity because, although a malware attack on industrial control systems was long believed to be theoretically possible, it was different to see malware used in reality to cause real physical damage. Stuxnet demonstrated that a sufficiently determined adversary with sufficient resources might be able to damage U.S. critical infrastructure physically through a cyber attack. Did Stuxnet change the threat of cyber-terrorism?
This monograph examines cyberterrorism before and after Stuxnet by addressing three questions: 1) Motive—Are terrorists interested in launching cyber-attacks against U.S. critical infrastructures? 2) Means —Are terrorists building capabilities and skills for cyberattacks? and, 3) Opportunity—How vulnerable are U.S. critical infrastructures? Answers to these questions give a characterization of the post-Stuxnet cyberterrorism threat. The next question is why a major cyber-terrorist attack has not happened yet; this is explained from a cost-benefit perspective. Although cyberterrorism may not be an imminent threat, there are reasons to be concerned about the long-term threat and inevitability of cyberattacks. It is important to assess frequently the threat landscape and current government policies for enhancing the protection of national infrastructures.