Reverse Deception: Organized Cyber Threat Counter-Exploitation (132 page)

        skills/methods

        timeliness

        victimology

OC online binary cryptor

offender profiling.
See
profiling

Ollman, Gunter

OllyDbg tool

online binary cryptor

OODA loop process

open source intelligence (OSINT)

OpenSC.WS
online binary cryptor

opensc.ws
website

operating system.
See
OS

Operation Aurora APT

Operation Desert Storm

Operation Mincemeat

Operation Payback attack

Operation Quicksilver

operational deception

        conclusion

        key points

        overview

        “tall tales”

operational security

operations

        double agent

        end game

        evaluating success

        Military Deception

        psychological (PSYOPS)

        validating

        vetting

operations security (OPSEC)

operators, botnet

opportunistic attacks

opportunistic subleasing

opportunistic usage

OPSEC (operations security)

organized offenders

origination points

OS (operating system)

OS discovery tool

OSINT (open source intelligence)

overkill

P

P2P (peer-to-peer)

P2V (Physical-to-Virtual)

packet capture (PCAP)

Palevo Tracker

Parker, Donn

passive OS fingerprinting (POF)

passwords

        BIOS

        considerations

        tools for hacking

“patriotic hackers”

Patton, George S. (General)

PBX (Private Branch Exchange)

PCAP (packet capture)

peer-to-peer (P2P)

People’s Liberation Army (PLA)

People’s Republic of China (PRC)

perceptual consistency

persistent threats (PTs).
See also
threats

        described

        vs. advanced persistent threats

personally identifiable information (PII)

personas

personnel.
See
employees

persuasion, art of

Petherick, Wayne

phishing

PhishTank data repository

physical security

Physical-to-Virtual (P2V)

PID (process identifier)

PII (personally identifiable information)

PLA (People’s Liberation Army)

planning/control

PLCs (programmable logic controllers)

Plunkett, Deborah

POF (passive OS fingerprinting)

Point of Presence (POP)

“poker face”

POP (Point of Presence)

pornography

Port Scan Attack Detector

postincident characterization

postmortem breakdown

postmortems, threats

Powell, Colin

PRC (People’s Republic of China)

president, U.S.

Private Branch Exchange (PBX)

proactive breakdown

process identifier (PID)

production-based honeynets

profiling.
See also
attack attribution

        basic types of

        conclusion

        consistency

        crime scene environment

        criminal

        cyber profiling

        differentiation

        errors in

        filtering and

        inductive vs. deductive

        “Mad Bomber” case

        motivation.
See
motivation

        nature of

        objectives of

        overview

        prospective

        psychological profiles

        references/resources

        retrospective

        salience

        skill level

        social networks.
See
social networks

        social psychology

        “special population”

        statistical models

        strategic application

        time considerations

        traditional

        weapons/tactics

        winnowing process

profiling vectors.
See also
vectors

        application of profiling techniques

        attack attribution

        example study

        geolocation vector

        information vector

        micro-/macro-level analyses

        motivation

        skill level

        social networks

        tactics vector

        time

        vector summary

        weapon vector

programmable logic controllers (PLCs)

prospective profiling

psychological autopsy

psychological operations (PSYOPS)

psychological profiles

psychology, social

PSYOPS (psychological operations)

PTs.
See
persistent threats

public data sources

public security data sources/forums

public social networking sites

Q

QQ.com
website

R

Rackspace

“Railway Murderer”

Rainbow tables

ransomware

Raptor APT

RAT (Remote Access Trojan)

RAT (Remote Administration Tool)

RBN (Russian Business Network)

references.
See
resources

relationships

religion/magic dimension

Remote Access Trojan (RAT)

Remote Administration Tool (RAT)

remote synchronization (RSYNC)

reporting procedures/methods

research

        academic research abuse

        legal