In 2011, the United States government declared a cyber attack as equal to an act of war, punishable with conventional military means. Cyber operations, cyber crime, and other forms of cyber activities directed by one state against another are now considered part of the normal relations range of combat and conflict, and the rising fear of cyber conflict has brought about a reorientation of military affairs. What is the reality of this threat? Is it actual or inflated, fear or fact-based? Taking a bold stand against the mainstream wisdom, Valeriano and Maness argue that there is very little evidence that cyber war is, or is likely to become, a serious threat. Their claim is empirically grounded, involving a careful analysis of cyber incidents and disputes experienced by international states since 2001, and an examination of the processes leading to cyber conflict. As the authors convincingly show, cyber incidents are a little-used tactic, with low-level intensity and few to no long-term effects. As well, cyber incidents are motivated by the same dynamics that prompt regional conflicts. Based on this evidence, Valeriano and Maness lay out a set of policy recommendations for proper defense against cyber threats that is built on restraint and regionalism.
Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data.
Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods.
You already know the endless list of security "do's and don'ts": run AV software and firewalls, lock everything down, encrypt everything, watch all your network traffic, follow checklists… But even if you're spending a fortune doing all that, you're at greater risk than ever: even the world's most security-focused organizations are being victimized by massive attacks. Something is terribly wrong. We're protecting the wrong things, damaging productivity, and making it way too hard for our people to help us.
Today, getting security right requires more than checklists; it requires careful thinking about your actual threats and technologies. That's what this book is about: how to think about security. Most security books just give you "do's and don'ts." Thinking Security tells you why, and helps you design a security architecture that truly fits your organization.
"This is one of the most interesting infosec books to come out in the last several years."
–Dino Dai Zovi, Information Security Professional
"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime."
–Felix 'FX' Lindner
A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
As global society becomes more and more dependent, politically and economically, on the flow of information, the power of those who can disrupt and manipulate that flow also increases. In Hacktivism and Cyberwars, Tim Jordan and Paul Taylor provide a detailed history of hacktivism's evolution from early hacking culture to its present-day status as the radical face of online politics. They describe the ways in which hacktivism has re-appropriated hacking techniques to create an innovative new form of political protest. A full explanation is given of the different strands of hacktivism and the 'cyberwars' it has created, ranging from such avant-garde groups as the Electronic Disturbance Theatre to more virtually focused groups labelled 'The Digitally Correct'. The full social and historical context of hacktivism is portrayed to take into account its position in terms of new social movements, direct action and its contribution to the globalization debate.
This book provides an important corrective flip-side to mainstream accounts of E-commerce and broadens the conceptualization of the internet to take into full account the other side of the digital divide.