Inside Cyber Warfare: Mapping the Cyber Underworld

Inside Cyber Warfare: Mapping the Cyber Underworld

What people are saying about Inside Cyber Warfare

“The necessary handbook for the 21st century.”

–Lewis Shepherd, Chief Tech Officer and Senior Fellow, Microsoft Institute for Advanced Technology in Governments

“A must-read for policy makers and leaders who need to understand the big-picture landscape of cyber war.”

–Jim Stogdill, CTO, Mission Services Accenture

You may have heard about “cyber warfare” in the news, but do you really know what it is? This book provides fascinating and disturbing details on how nations, groups, and individuals throughout the world are using the Internet as an attack platform to gain military, political, and economic advantages over their adversaries. You'll learn how sophisticated hackers working on behalf of states or organized crime patiently play a high-stakes game that could target anyone, regardless of affiliation or nationality.

Inside Cyber Warfare goes beyond the headlines of attention-grabbing DDoS attacks and takes a deep look inside multiple cyber-conflicts that occurred from 2002 through summer 2009.

  • Learn how cyber attacks are waged in open conflicts, including recent hostilities between Russia and Georgia, and Israel and Palestine
  • Discover why Twitter, Facebook, LiveJournal, Vkontakte, and other sites on the social web are mined by the intelligence services of many nations
  • Read about China's commitment to penetrate the networks of its technologically superior adversaries as a matter of national survival
  • Find out why many attacks originate from servers in the United States, and who's responsible
  • Learn how hackers are “weaponizing” malware to attack vulnerabilities at the application level

Price: $39.99

Click here to buy from Amazon

Chained Exploits: Advanced Hacking Attacks from Start to Finish

Chained Exploits: Advanced Hacking Attacks from Start to FinishThe complete guide to today’s hard-to-defend chained attacks: performing them and preventing them

Nowadays, it’s rare for malicious hackers to rely on just one exploit or tool; instead, they use “chained” exploits that integrate multiple forms of attack to achieve their goals. Chained exploits are far more complex and far more difficult to defend. Few security or hacking books cover them well and most don’t cover them at all. Now there’s a book that brings together start-to-finish information about today’s most widespread chained exploits–both how to perform them and how to prevent them.

Chained Exploits demonstrates this advanced hacking attack technique through detailed examples that reflect real-world attack strategies, use today’s most common attack tools, and focus on actual high-value targets, including credit card and healthcare data. Relentlessly thorough and realistic, this book covers the full spectrum of attack avenues, from wireless networks to physical access and social engineering.

Writing for security, network, and other IT professionals, the authors take you through each attack, one step at a time, and then introduce today’s most effective countermeasures— both technical and human. Coverage includes:

  • Constructing convincing new phishing attacks
  • Discovering which sites other Web users are visiting
  • Wreaking havoc on IT security via wireless networks
  • Disrupting competitors’ Web sites
  • Performing–and preventing–corporate espionage
  • Destroying secure files
  • Gaining access to private healthcare records
  • Attacking the viewers of social networking pages
  • Creating entirely new exploits
  • and more

Andrew Whitaker, Director of Enterprise InfoSec and Networking for Training Camp, has been featured in The Wall Street Journal and BusinessWeek. He coauthored Penetration Testing and Network Defense. Andrew was a winner of EC Council’s Instructor of Excellence Award.

Keatron Evans is President and Chief Security Consultant of Blink Digital Security, LLC, a trainer for Training Camp, and winner of EC Council’s Instructor of Excellence Award.

Jack B. Voth specializes in penetration testing, vulnerability assessment, and perimeter security. He co-owns The Client Server, Inc., and teaches for Training Camp throughout the United States and abroad.

informit.com/aw

Cover photograph © Corbis /

Jupiter Images

$49.99 US

$59.99 CANADA

Price: $49.99

Click here to buy from Amazon

Cyber Warriors at War

Cyber Warriors at WarDr. Berg P. Hyacinthe (PhD, Florida State University; LLD Candidate, Assas School of Law, CERSA-CNRS, La Sorbonne) is internationally recognized as an eminent and multidisciplinary scientific investigator. A U.S. patent holder featured in Harvard's Smithsonian/NASA Astrophysics Data System, Dr. Hyacinthe recently served as Assistant Professor and Scientific Advisor to Taibah University's Strategic Science & Advanced Technology Unit. Dr. Hyacinthe held several positions at County and State levels of the U.S Government in the Information Technology arena. He has been featured in conferences held at the U.S. Naval Postgraduate School, Monterey (author); Defence Academy of the United Kingdom, Shrivenham (invited session Chair); and National Defence College, Helsinki (session Chair). In CYBER WARRIORS AT WAR, he draws on the triangular relationship between technology, law, and Information Age warfare to propose solutions against potential charges of having committed Information Operations (IO) war crimes and/or IO crimes against humanity. According to Dr. Hyacinthe, the success of pre-emptive strikes and decisive military operations depends profoundly upon both reliable human intelligence and the versatile skills of 21st century “cyber warriors” whose IO activities are conducted through modern warfare's pentagonal synchrony – land, sea, air, cyberspace, and outer space. Unfortunately, these operations are commonly effectuated under a legal reasoning that is ambiguous in important ways: a threat to the national security of the United States of America and to the entire international community. Hence, as this Essay argues, the evolution of modern computer systems as weapons of war compels wary jurists to turn to the laws that should govern development and use of lethal information technologies. Further, this Essay examines how certain military operations within Information Warfare (IW) require new legal framework, and recounts specific events involving various types of IW conduct and cyber attack: an interesting exposé to jurists, military personnel, policymakers, and the growing and diverse body of information professionals around the world.

Price: $29.99

Click here to buy from Amazon

National Strategy of Defense – Peace and Security for Brazil

National Strategy of Defense - Peace and Security for BrazilBrazil is a peaceful country, by tradition and conviction. It lives in peace with its neighbors. It runs its international affairs, among other things, adopting the constitutional principles of non-intervention, defense of peace and peaceful resolution of conflicts. This pacifist trait is part of the national identity, and a value that should be preserved by the Brazilian people.
Brazil – a developing country – shall rise to the first stage in the world neither promoting hegemony nor domination. The Brazilian people are not willing to exert their power on other nations. They want Brazil to grow without reigning upon others.
This is perhaps the reason why Brazil has never conducted a wide discussion about its own defense affairs throughout its history. Periodically, governments used to authorize the acquisition or production of new defense products, and introduced specific reforms in the Armed Forces. However, a national strategy of defense has never been proposed to systematically guide the reorganization and reorientation of the Armed Forces; the organization of the defense industry in order to ensure the operational autonomy of the three service branches: the Navy, the Army and the Air Force; and the policies for the composition of their troops, moreover reconsidering the Mandatory Military Service.
However, if Brazil is willing to reach its deserved spot in the world, it will have to be prepared to defend itself not only from aggressions, but equally from threats.
Intimidation overrides good faith in the world where we live. Nothing substitutes the engagement of the Brazilian people in the debate and construction of their own defense.

The 6th National Strategy of Defense guideline:

“To strengthen three strategically important sectors: cybernetics, space and nuclear. This process of strengthening will ensure the fulfillment of the concept of flexibility. As a result of their own nature, these sectors transcend the border line between development and defense, between the civilian and the military. Both space and cybernetics sectors will, together, enable that the capacity to see one’s own country do not depend on foreign technology, and that the Armed Forces, together, can network supported by a monitoring system also space-based. Brazil is committed – as per the Federal Constitution and the Treaty on the Non-Proliferation of Nuclear Weapons – to the strictly peaceful use of nuclear energy. However, Brazil also asserts its strategic need to develop and master nuclear technology. The country needs to ensure the balance and the versatility of its energy matrix and advance in areas such as agriculture and health, which may benefit from nuclear energy technology. And carry out, among other initiatives that require technological independence in terms of nuclear energy, the nuclear-propelled submarine project.”

Download Estratégia Nacional de Defesa – Paz e segurança para o Brasil
Download National Strategy of Defense – Peace and security for Brazil
Download Estrategia Nacional de Defensa – Paz y seguridad para Brasil
Download Stratégie Nationale de Défense – Paix et Sécurité au Brésil

Managed Code Rootkits: Hooking into Runtime Environments

Managed Code Rootkits: Hooking into Runtime EnvironmentsImagine being able to change the languages for the applications that a computer is running and taking control over it. That is exactly what managed code rootkits can do when they are placed within a computer. This new type of rootkit is hiding in a place that had previously been safe from this type of attack-the application level. Code reviews do not currently look for back doors in the virtual machine (VM) where this new rootkit would be injected. An invasion of this magnitude allows an attacker to steal information on the infected computer, provide false information, and disable security checks. Erez Metula shows the reader how these rootkits are developed and inserted and how this attack can change the managed code that a computer is running, whether that be JAVA, .NET, Android Dalvik or any other managed code. Management development scenarios, tools like ReFrameworker, and countermeasures are covered, making this book a one stop shop for this new attack vector.

  • Introduces the reader briefly to managed code environments and rootkits in general
  • Completely details a new type of rootkit hiding in the application level and demonstrates how a hacker can change language runtime implementation
  • Focuses on managed code including Java, .NET, Android Dalvik and reviews malware development scenarios

Price: $49.95

Click here to buy from Amazon