A complete guide to understanding and fighting advanced persistent threats—today’s most destructive risk to enterprise security
Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).
APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today’s well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.
Reverse Deception: Organized Cyber Threat Counter-Exploitation features:
- Full coverage of the #1 feared type of network attack today, the APT
- Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
- Enthralling case studies and true stories from the authors’ FBI, DOD, NSA, and private sector work
- Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
- Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
- Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
- A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
- Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics
Click here to buy from Amazon
Amazon Price: $16.99 $13.18 You save: $3.81 (22%). (as of September 20, 2019 16:52 –
Once a top-secret training manual for CIA field agents in the early Cold War Era of the 1950s, The Official CIA Manual of Trickery and Deception is now available to the general public. An amazing historical artifact, this eye-opening handbook offered step-by-step instructions to covert intelligence operatives in all manner of sleight of hand and trickery designed to thwart the Communist enemy. Part of the Company’s infamous MK-ULTRA—a secret mind-control and chemical interrogation research program—this legendary document, the brainchild of John Mulholland, then America’s most famous magician, was believed lost forever. But thanks to former CIA gadgeteer Bob Wallace and renowned spycraft historian H. Keith Melton, The Official CIA Manual of Trickery and Deception is now available to everyone, spy and civilian alike.
Amazon Price: N/A (as of September 21, 2019 13:25 –
Eight years ago, Addie Webster was the victim of the most notorious kidnapping of the decade. Addie vanished—and her high-profile parents were forced to move on. Mark Webster is now president of the United States, fighting to keep the oval office after a tumultuous first term. Then the unthinkable happens: the president's daughter resurfaces. Addie is brought back into her family's fold, but who is this sixteen-year-old girl with a quiet, burning intelligence now living in the White House? There are those in the president's political circle who find her timely return suspicious. When a national security advisor approaches Darrow Fergusson, Addie's childhood best friend and the son of the president's chief of staff, he doesn't know what to think. How could the girl he's missed for all these years be a threat to national security? Still, at the risk of having his own secrets exposed, Darrow agrees to spy on Addie. He soon realizes that his old friend is much more than the traumatized victim of a sick political fringe group. Addie has come with a mission…but will she choose to complete it?
As the cliché reminds us, information is power. In this age of computer systems and technology, an increasing majority of the world’s information is stored electronically. It makes sense then that as an industry we rely on high-tech electronic protection systems to guard that information. As a professional hacker, I get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, my goal has always been the same: extract the informational secrets using any means necessary. After hundreds of jobs, I discovered the secret to bypassing every conceivable high-tech security system. This book reveals those secrets, and as the title suggests, it has nothing to do with high technology. As it turns out, the secret isn’t much of a secret at all. Hackers have known about these techniques for years. Presented in a light, accessible style, you’ll get to ride shotgun with the authors on successful real-world break-ins as they share photos, videos and stories that prove how vulnerable the high-tech world is to no-tech attacks.
As you browse this book, you’ll hear old familiar terms like “dumpster diving”, “social engineering”, and “shoulder surfing”. Some of these terms have drifted into obscurity to the point of becoming industry folklore; the tactics of the pre-dawn information age. But make no mistake; these and other old-school tactics work with amazing effectiveness today. In fact, there’s a very good chance that someone in your organization will fall victim to one or more of these attacks this year. Will they be ready?
. Dumpster Diving
Be a good sport and don’t read the two “D” words written in big bold letters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny).
Hackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.
. Shoulder Surfing
If you like having a screen on your laptop so you can see what you’re working on, don’t read this chapter.
. Physical Security
Locks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?
. Social Engineering with Jack Wiles
Jack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal “war stories” from the trenches of Information Security and Physical Security.
. Google Hacking
A hacker doesn’t even need his own computer to do the necessary research. If he can make it to a public library, Kinko’s or Internet cafe, he can use Google to process all that data into something useful.
. P2P Hacking
Let’s assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.
. People Watching
Skilled people watchers can learn a whole lot in just a few quick glances. In this chapter we’ll take a look at a few examples of the types of things that draws a no-tech hacker’s eye.
What happens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?
. Vehicle Surveillance
Most people don’t realize that some of the most thrilling vehicular espionage happens when the cars aren’t moving at all!
Click here to buy from Amazon
Amazon Price: N/A (as of October 18, 2016 07:26 –
Due to the ever-evolving tactics of our enemies, the American intelligence community has been compelled to find more effective methods of managing intelligence analysis. In Intelligence Analysis, Robert M. Clark demonstrates that a collaborative, target-centric approach leads to sharper and more effective analysis, while better meeting the needs of the end-user.
Comprehensively revised to reflect the changes in the constantly shifting landscape of intelligence, the new fourth edition accounts for recent events and is rife with new examples throughout. Brand new and significantly revised coverage includes chapters on managing the analytic unit, analytic methodologies, and the analytic spectrum, bringing a heightened level of clarity to this outstanding, must-have resource.
Continue reading “Intelligence Analysis: A Target-Centric Approach”