Read Reverse Deception: Organized Cyber Threat Counter-Exploitation Online
Authors: Sean Bodmer
Tags: #General, #security, #Computers
skills/methods
timeliness
victimology
OC online binary cryptor
offender profiling. See profiling
Ollman, Gunter
OllyDbg tool
online binary cryptor
OODA loop process
open source intelligence (OSINT)
OpenSC.WS online binary cryptor
opensc.ws website
operating system. See OS
Operation Aurora APT
Operation Desert Storm
Operation Mincemeat
Operation Payback attack
Operation Quicksilver
operational deception
conclusion
key points
overview
“tall tales”
operational security
operations
double agent
end game
evaluating success
Military Deception
psychological (PSYOPS)
validating
vetting
operations security (OPSEC)
operators, botnet
opportunistic attacks
opportunistic subleasing
opportunistic usage
OPSEC (operations security)
organized offenders
origination points
OS (operating system)
OS discovery tool
OSINT (open source intelligence)
overkill
P
P2P (peer-to-peer)
P2V (Physical-to-Virtual)
packet capture (PCAP)
Palevo Tracker
Parker, Donn
passive OS fingerprinting (POF)
passwords
BIOS
considerations
tools for hacking
“patriotic hackers”
Patton, George S. (General)
PBX (Private Branch Exchange)
PCAP (packet capture)
peer-to-peer (P2P)
People’s Liberation Army (PLA)
People’s Republic of China (PRC)
perceptual consistency
persistent threats (PTs). See also threats
described
vs. advanced persistent threats
personally identifiable information (PII)
personas
personnel. See employees
persuasion, art of
Petherick, Wayne
phishing
PhishTank data repository
physical security
Physical-to-Virtual (P2V)
PID (process identifier)
PII (personally identifiable information)
PLA (People’s Liberation Army)
planning/control
PLCs (programmable logic controllers)
Plunkett, Deborah
POF (passive OS fingerprinting)
Point of Presence (POP)
“poker face”
POP (Point of Presence)
pornography
Port Scan Attack Detector
postincident characterization
postmortem breakdown
postmortems, threats
Powell, Colin
PRC (People’s Republic of China)
president, U.S.
Private Branch Exchange (PBX)
proactive breakdown
process identifier (PID)
production-based honeynets
profiling. See also attack attribution
basic types of
conclusion
consistency
crime scene environment
criminal
cyber profiling
differentiation
errors in
filtering and
inductive vs. deductive
“Mad Bomber” case
motivation. See motivation
nature of
objectives of
overview
prospective
psychological profiles
references/resources
retrospective
salience
skill level
social networks. See social networks
social psychology
“special population”
statistical models
strategic application
time considerations
traditional
weapons/tactics
winnowing process
profiling vectors. See also vectors
application of profiling techniques
attack attribution
example study
geolocation vector
information vector
micro-/macro-level analyses
motivation
skill level
social networks
tactics vector
time
vector summary
weapon vector
programmable logic controllers (PLCs)
prospective profiling
psychological autopsy
psychological operations (PSYOPS)
psychological profiles
psychology, social
PSYOPS (psychological operations)
PTs. See persistent threats
public data sources
public security data sources/forums
public social networking sites
Q
QQ.com website
R
Rackspace
“Railway Murderer”
Rainbow tables
ransomware
Raptor APT
RAT (Remote Access Trojan)
RAT (Remote Administration Tool)
RBN (Russian Business Network)
references. See resources
relationships
religion/magic dimension
Remote Access Trojan (RAT)
Remote Administration Tool (RAT)
remote synchronization (RSYNC)
reporting procedures/methods
research
academic research abuse
legal