CyberWar

Si Vis Pacem, Para Bellum

By

Computer Attack and Cyberterrorism

Computer Attack and CyberterrorismMany international terrorist groups now actively use computers and the Internet to communicate, and several may develop or acquire the necessary technical skills to direct a co-ordinated attack against computers in the United States. A cyberattack intended to harm the U.S. economy would likely target computers that operate the civilian critical infrastructure and government agencies. However, there is disagreement among some observers about whether a co-ordinated cyberattack against the U.S. critical infrastructure could be extremely harmful, or even whether computers operating the civilian critical infrastructure actually offer an effective target for furthering terrorists’ goals. While there is no published evidence that terrorist organizations are currently planning a co-ordinated attack against computers, computer system vulnerabilities persist world-wide, and initiators of the random cyberattacks that plague computers on the Internet remain largely unknown. Reports from security organisations show that random attacks are now increasingly implemented through use of automated tools, called ‘bots’, that direct large numbers of compromised computers to launch attacks through the Internet as swarms. The growing trend toward the use of more automated attack tools has also overwhelmed some of the current methodologies used for tracking Internet cyberattacks. This book provides background information for three types of attacks against computers (cyberattack, physical attack, and electromagnetic attack), and discusses related vulnerabilities for each type of attack.The book also describes the possible effects of a co-ordinated cyberattack, or computer network attack (CNA), against U.S. infrastructure computers, along with possible technical capabilities of international terrorists. Issues for Congress may include how could trends in cyberattacks be measured more effectively; what is appropriate guidance for DOD use of cyberweapons; should cybersecurity be combined with, or remain separate from, the physical security organization within DHS; how can commercial vendors be encouraged to improve the security of their products; and what are options to encourage U.S. citizens to follow better cybersecurity practices. Appendices to this book describe computer viruses, spyware, and ‘bot networks’, and how malicious programs are used to enable cybercrime and cyberespionage. Also, similarities are drawn between planning tactics currently used by computer hackers and those used by terrorists groups for conventional attacks.

Price: $37.00

Click here to buy from Amazon

By

Reverse Deception Organized Cyber Threat Counter-Exploitation

Reverse Deception Organized Cyber Threat Counter-ExploitationA complete guide to understanding and fighting advanced persistent threats—today’s most destructive risk to enterprise security

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today’s well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.

Reverse Deception: Organized Cyber Threat Counter-Exploitation features:

  • Full coverage of the #1 feared type of network attack today, the APT
  • Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
  • Enthralling case studies and true stories from the authors’ FBI, DOD, NSA, and private sector work
  • Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
  • Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
  • Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
  • A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
  • Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations

Coverage includes:
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics

Price: $40.00

Click here to buy from Amazon

 

By

Who Controls the Internet?: Illusions of a Borderless World

Who Controls the Internet?: Illusions of a Borderless WorldIs the Internet erasing national borders? Will the future of the Net be set by Internet engineers, rogue programmers, the United Nations, or powerful countries? Who’s really in control of what’s happening on the Net?
In this provocative new book, Jack Goldsmith and Tim Wu tell the fascinating story of the Internet’s challenge to governmental rule in the 1990s, and the ensuing battles with governments around the world. It’s a book about the fate of one idea–that the Internet might liberate us forever from government, borders, and even our physical selves. We learn of Google’s struggles with the French government and Yahoo’s capitulation to the Chinese regime; of how the European Union sets privacy standards on the Net for the entire world; and of eBay’s struggles with fraud and how it slowly learned to trust the FBI. In a decade of events the original vision is uprooted, as governments time and time again assert their power to direct the future of the Internet. The destiny of the Internet over the next decades, argue Goldsmith and Wu, will reflect the interests of powerful nations and the conflicts within and between them.
While acknowledging the many attractions of the earliest visions of the Internet, the authors describe the new order, and speaking to both its surprising virtues and unavoidable vices. Far from destroying the Internet, the experience of the last decade has lead to a quiet rediscovery of some of the oldest functions and justifications for territorial government. While territorial governments have unavoidable problems, it has proven hard to replace what legitimacy governments have, and harder yet to replace the system of rule of law that controls the unchecked evils of anarchy. While the Net will change some of the ways that territorial states govern, it will not diminish the oldest and most fundamental roles of government and challenges of governance.
Well written and filled with fascinating examples, including colorful portraits of many key players in Internet history, this is a work that is bound to stir heated debate in the cyberspace community.

Price: $15.95

Click here to buy from Amazon

By

Handbook on Securing Cyber-Physical Critical Infrastructure

Handbook on Securing Cyber-Physical Critical InfrastructureThe worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. This purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing critical cyber and physical infrastructures as well as their underlying computing and communication architectures and systems. Examples of such infrastructures include utility networks (e.g., electrical power grids), ground transportation systems (automotives, roads, bridges and tunnels), airports and air traffic control systems, wired and wireless communication and sensor networks, systems for storing and distributing water and food supplies, medical and healthcare delivery systems, as well as financial, banking and commercial transaction assets. The handbook focus mostly on the scientific foundations and engineering techniques – while also addressing the proper integration of policies and access control mechanisms, for example, how human-developed policies can be properly enforced by an automated system.

*Addresses the technical challenges facing design of secure infrastructures by providing examples of problems and solutions from a wide variety of internal and external attack scenarios

*Includes contributions from leading researchers and practitioners in relevant application areas such as smart power grid, intelligent transportation systems, healthcare industry and so on.

*Loaded with examples of real world problems and pathways to solutions utilizing specific tools and techniques described in detail throughout

Price: $99.95

Click here to buy from Amazon

By

Fuzzing for Software Security Testing and Quality Assurance

Fuzzing for Software Security Testing and Quality Assurance (Artech House Information Security and Privacy)“A fascinating look at the new direction fuzzing technology is taking — useful for both QA engineers and bug hunters alike!”

Dave Aitel, CTO, Immunity Inc.

Learn the code cracker’s malicious mindset, so you can find worn-size holes in the software you are designing, testing, and building. Fuzzing for Software Security Testing and Quality Assurance takes a weapon from the black-hat arsenal to give you a powerful new tool to build secure, high-quality software. This practical resource helps you add extra protection without adding expense or time to already tight schedules and budgets. The book shows you how to make fuzzing a standard practice that integrates seamlessly with all development activities.

This comprehensive reference goes through each phase of software development and points out where testing and auditing can tighten security. It surveys all popular commercial fuzzing tools and explains how to select the right one for a software development project. The book also identifies those cases where commercial tools fall short and when there is a need for building your own fuzzing tools.

Price: $85.00

Click here to buy from Amazon

/* */