Cyber Defense (2nd ed.)

The US military is preparing for 21st Century electronic warfare and cyber terrorism. A joint US Cyber Command and four service cyber commands have been set up.

Their mission is to defend American military networks and civilian American infrastructure from cyber terrorism and from foreign government hackers.

The officers leading these cyber commands explain how they are organized, how they operate, and how they will protect the United States from foreign military hackers, intelligence agencies, and cyber terrorists.

13,450 words

Price: $3.99

Click here to buy from Amazon

Chained Exploits: Advanced Hacking Attacks from Start to Finish

Chained Exploits: Advanced Hacking Attacks from Start to FinishThe complete guide to today’s hard-to-defend chained attacks: performing them and preventing them

Nowadays, it’s rare for malicious hackers to rely on just one exploit or tool; instead, they use “chained” exploits that integrate multiple forms of attack to achieve their goals. Chained exploits are far more complex and far more difficult to defend. Few security or hacking books cover them well and most don’t cover them at all. Now there’s a book that brings together start-to-finish information about today’s most widespread chained exploits–both how to perform them and how to prevent them.

Chained Exploits demonstrates this advanced hacking attack technique through detailed examples that reflect real-world attack strategies, use today’s most common attack tools, and focus on actual high-value targets, including credit card and healthcare data. Relentlessly thorough and realistic, this book covers the full spectrum of attack avenues, from wireless networks to physical access and social engineering.

Writing for security, network, and other IT professionals, the authors take you through each attack, one step at a time, and then introduce today’s most effective countermeasures— both technical and human. Coverage includes:

  • Constructing convincing new phishing attacks
  • Discovering which sites other Web users are visiting
  • Wreaking havoc on IT security via wireless networks
  • Disrupting competitors’ Web sites
  • Performing–and preventing–corporate espionage
  • Destroying secure files
  • Gaining access to private healthcare records
  • Attacking the viewers of social networking pages
  • Creating entirely new exploits
  • and more

Andrew Whitaker, Director of Enterprise InfoSec and Networking for Training Camp, has been featured in The Wall Street Journal and BusinessWeek. He coauthored Penetration Testing and Network Defense. Andrew was a winner of EC Council’s Instructor of Excellence Award.

Keatron Evans is President and Chief Security Consultant of Blink Digital Security, LLC, a trainer for Training Camp, and winner of EC Council’s Instructor of Excellence Award.

Jack B. Voth specializes in penetration testing, vulnerability assessment, and perimeter security. He co-owns The Client Server, Inc., and teaches for Training Camp throughout the United States and abroad.

informit.com/aw

Cover photograph © Corbis /

Jupiter Images

$49.99 US

$59.99 CANADA

Price: $49.99

Click here to buy from Amazon

National Defense Strategy – United States of America

National Defense Strategy - United States of AmericaThe United States, our allies, and our partners face a spectrum of challenges, including violent transnational extremist networks, hostile states armed with weapons of mass destruction, rising regional powers, emerging space and cyber threats, natural and pandemic disasters, and a growing competition for resources. The Department of Defense must respond to these challenges while anticipating and preparing for those of tomorrow. We must balance strategic risk across our responses, making the best use of the tools at hand within the U.S. Government and among our international partners. To succeed, we must harness and integrate all aspects of national power and work closely with a wide range of allies, friends and partners. We cannot prevail if we act alone.

As noted in the 2006 QDR, state actors no longer have a monopoly over the catastrophic use of violence. Small groups or individuals can harness chemical, biological, or even crude radiological or nuclear devices to cause extensive damage and harm. Similarly, they can attack vulnerable points in cyberspace and disrupt commerce and daily life in the United States, causing economic damage, compromising sensitive information and materials, and interrupting critical services such as power and information networks. National security and domestic resources may be at risk, and the Department must help respond to protect lives and national assets. The Department will continue to be both bulwark and active protector in these areas. Yet, in the long run the Department of Defense is neither the best source of resources and capabilities nor the appropriate authority to shoulder these tasks. The comparative advantage, and applicable authorities, for action reside elsewhere in the U.S. Government, at other levels of government, in the private sector, and with partner nations. DoD should expect and plan to play a key supporting role in an interagency effort to combat these threats, and to help develop new capacities and capabilities, while protecting its own vulnerabilities.

In the contemporary strategic environment, the challenge is one of deterring or dissuading a range of potential adversaries from taking a variety of actions against the U.S. and our allies and interests. These adversaries could be states or non-state actors; they could use nuclear, conventional, or unconventional weapons; and they could exploit terrorism, electronic, cyber and other forms of warfare. Economic interdependence and the growth of global communications further complicate the situation. Not only do they blur the types of threats, they also exacerbate sensitivity to the effects of attacks and in some cases make it more difficult to attribute or trace them. Finally, the number of potential adversaries, the breadth of their capabilities, and the need to design approaches to deterrence for each, create new challenges.

An underlying assumption in our understanding of the strategic environment is that the predominant near-term challenges to the United States will come from state and non-state actors using irregular and catastrophic capabilities. Although our advanced space and cyber-space assets give us unparalleled advantages on the traditional battlefield, they also entail vulnerabilities.

China is developing technologies to disrupt our traditional advantages. Examples include development of anti-satellite capabilities and cyber warfare. Other actors, particularly non-state actors, are developing asymmetric tactics, techniques, and procedures that seek to avoid situations where our advantages come into play.

Download National Defense Strategy – United States of America

Cyber Adversary Characterization: Auditing the Hacker Mind

Cyber Adversary Characterization: Auditing the Hacker MindThe wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have. Everyday that a vulnerability or threat goes unchecked greatly increases an attack and the damage it can cause. Who knows what the prospects for a cascade of failures across US infrastructures could lead to. What type of group or individual would exploit this vulnerability, and why would they do it? “Inside the Mind of a Criminal Hacker” sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy's mind – necessary in order to develop a well configured defense. Written by leading security and counter-terrorism experts, whose experience include first-hand exposure in working with government branches & agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist. Proving, that at the heart of the very best defense is knowing and understanding your enemy.

* This book will demonstrate the motives and motivations of criminal hackers through profiling attackers at post attack and forensic levels.

* This book is essential to those who need to truly “know thy enemy” in order to prepare the best defense.

* . The breadth of material in “Inside the Criminal Mind” will surprise every security specialist and cyber-terrorist buff of how much they do and (more importantly) don't know about the types of adversaries they stand to face.

Price: $51.95

Click here to buy from Amazon

Internet Denial of Service: Attack and Defense Mechanisms

Internet Denial of Service: Attack and Defense MechanismsSuddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Inside, you'll find comprehensive information on the following topics

  • How denial-of-service attacks are waged
  • How to improve your network's resilience to denial-of-service attacks
  • What to do when you are involved in a denial-of-service attack
  • The laws that apply to these attacks and their implications
  • How often denial-of-service attacks occur, how strong they are, and the kinds of damage they can cause
  • Real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices

The authors' extensive experience in handling denial-of-service attacks and researching defense approaches is laid out clearly in practical, detailed terms.

Price: $44.99

Click here to buy from Amazon