We live in a world that is increasingly connected. Our smartphones are now capable of locking and unlocking our front doors at home, turning on lights, checking the camera for packages left on the doorstep. We are able to measure our steps, check our baby monitors, record our favorite programs from wherever we have connectivity. We will soon be able to communicate—or, excuse me, we can communicate with our offices, too—but commute to our offices in driverless cars, trains, buses, have our child’s blood sugar checked remotely, and divert important energy resources from town to town efficiently. These are incredible potentially life-saving benefits that our society is learning to embrace, but we are also learning that these innovations do not come without a cost. In fact, recently we encountered a denial of service attack on a scale never before seen. This attack effectively blocked access to popular sites like Netflix and Twitter by weaponizing unsecured network connected devices like cameras and DVRs. Once these devices came under the command and control of bad actors, they were used to send a flood of DNS requests that ultimately rendered the DNS servers ineffective. As I understand it, at the beginning of this attack it was virtually impossible to distinguish malicious traffic from other normal traffic, making it particularly difficult to mitigate against attack. So how do we make ourselves more secure without sacrificing the benefits of innovation and technological advances? A knee-jerk reaction might be to regulate the Internet of Things. And while I am not taking a certain level of regulation off the table, the question is whether we need a more holistic approach. The United States cannot regulate the world. Standards applied to American-designed, American-manufactured, American-sold devices won’t necessarily capture the millions of devices purchased by the billions of people around the world, so the vulnerabilities might remain. Any sustainable and effective solution will require input from all members of the ecosystem of the so-called Internet of Things. We will need a concerted effort to improve not only device security, but also coordinate network security and improve the relationships between industry and security researchers. We are all in this thing together and industry, Government, researchers, and consumers will need to take responsibility for securing this Internet of Things. So today we will hear from a very distinguished panel of witnesses on some of the approaches that can be brought to bear on this challenge. My hope is that this hearing will help to sustain and accelerate conversations on our collective security and foster the innovation that makes the Internet the greatest engine of communications and commerce the world has ever seen.
Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).
APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today’s well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.
Reverse Deception: Organized Cyber Threat Counter-Exploitation features:
- Full coverage of the #1 feared type of network attack today, the APT
- Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
- Enthralling case studies and true stories from the authors’ FBI, DOD, NSA, and private sector work
- Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
- Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
- Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
- A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
- Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics
The internet has changed the rules of many industries, and war is no exception. But can a computer virus be classed as an act of war? Does a Denial of Service attack count as an armed attack? And does a state have a right to self-defence when cyber attacked? With the range and sophistication of cyber attacks against states showing a dramatic increase in recent times, this book investigates the traditional concepts of 'use of force', 'armed attack', and 'armed conflict' and asks whether existing laws created for analogue technologies can be applied to new digital developments.
The book provides a comprehensive analysis of primary documents and surrounding literature, to investigate whether and how existing rules on the use of force in international law apply to a relatively new phenomenon such as cyberspace operations. It assesses the rules of jus ad bellum and jus in bello, whether based on treaty or custom, and analyses why each rule applies or does not apply to cyber operations. Those rules which can be seen to apply are then discussed in the context of each specific type of cyber operation. The book addresses the key questions of whether a cyber operation amounts to the use of force and, if so, whether the victim state can exercise its right of self-defence; whether cyber operations trigger the application of international humanitarian law when they are not accompanied by traditional hostilities; what rules must be followed in the conduct of cyber hostilities; how neutrality is affected by cyber operations; whether those conducting cyber operations are combatants, civilians, or civilians taking direct part in hostilities. The book is essential reading for everyone wanting a better understanding of how international law regulates cyber combat.
This authoritative Handbook provides a clear and detailed introduction to cyber crime, offering you an effective operational guide to the complexities and challenges of investigating cyber-related crimes.
Written by a team of cyber crime experts, this unique book provides all police practitioners and partners with an operational reference and resource addressing all manner of cyber crime threats, including online anti-social behavior, hate crime, organized cyber crime, fraud, online child exploitation, and cyber terrorism and the terrorist use of the Internet. Presented in three main parts, Part 1 offers an overview of the different types of cyber crime along with explanations of the national structures and strategies in place to combat them, as well as case studies and scenarios. Part 2 offers practical guidance on the different categories of cyber crime and features contributions from organizations such as the National Crime Agency, and Part 3 covers the key legislation, police powers and points to prove relevant to each key category of offending and is written by the Police National Legal Database. All sections in Part 3 are accompanied by explanatory notes and related case law, ensuring quick and clear translation of cyber crime powers and provisions.
Continue reading “Blackstone’s Handbook of Cyber Crime Investigation”