Reverse Deception: Organized Cyber Threat Counter-Exploitation (132 page)

Read Reverse Deception: Organized Cyber Threat Counter-Exploitation Online

Authors: Sean Bodmer

Tags: #General, #security, #Computers

BOOK: Reverse Deception: Organized Cyber Threat Counter-Exploitation
6.77Mb size Format: txt, pdf, ePub
        skills/methods
        timeliness
        victimology
OC online binary cryptor
offender profiling.
See
profiling
Ollman, Gunter
OllyDbg tool
online binary cryptor
OODA loop process
open source intelligence (OSINT)
OpenSC.WS
online binary cryptor
opensc.ws
website
operating system.
See
OS
Operation Aurora APT
Operation Desert Storm
Operation Mincemeat
Operation Payback attack
Operation Quicksilver
operational deception
        conclusion
        key points
        overview
        “tall tales”
operational security
operations
        double agent
        end game
        evaluating success
        Military Deception
        psychological (PSYOPS)
        validating
        vetting
operations security (OPSEC)
operators, botnet
opportunistic attacks
opportunistic subleasing
opportunistic usage
OPSEC (operations security)
organized offenders
origination points
OS (operating system)
OS discovery tool
OSINT (open source intelligence)
overkill

P

P2P (peer-to-peer)
P2V (Physical-to-Virtual)
packet capture (PCAP)
Palevo Tracker
Parker, Donn
passive OS fingerprinting (POF)
passwords
        BIOS
        considerations
        tools for hacking
“patriotic hackers”
Patton, George S. (General)
PBX (Private Branch Exchange)
PCAP (packet capture)
peer-to-peer (P2P)
People’s Liberation Army (PLA)
People’s Republic of China (PRC)
perceptual consistency
persistent threats (PTs).
See also
threats
        described
        vs. advanced persistent threats
personally identifiable information (PII)
personas
personnel.
See
employees
persuasion, art of
Petherick, Wayne
phishing
PhishTank data repository
physical security
Physical-to-Virtual (P2V)
PID (process identifier)
PII (personally identifiable information)
PLA (People’s Liberation Army)
planning/control
PLCs (programmable logic controllers)
Plunkett, Deborah
POF (passive OS fingerprinting)
Point of Presence (POP)
“poker face”
POP (Point of Presence)
pornography
Port Scan Attack Detector
postincident characterization
postmortem breakdown
postmortems, threats
Powell, Colin
PRC (People’s Republic of China)
president, U.S.
Private Branch Exchange (PBX)
proactive breakdown
process identifier (PID)
production-based honeynets
profiling.
See also
attack attribution
        basic types of
        conclusion
        consistency
        crime scene environment
        criminal
        cyber profiling
        differentiation
        errors in
        filtering and
        inductive vs. deductive
        “Mad Bomber” case
        motivation.
See
motivation
        nature of
        objectives of
        overview
        prospective
        psychological profiles
        references/resources
        retrospective
        salience
        skill level
        social networks.
See
social networks
        social psychology
        “special population”
        statistical models
        strategic application
        time considerations
        traditional
        weapons/tactics
        winnowing process
profiling vectors.
See also
vectors
        application of profiling techniques
        attack attribution
        example study
        geolocation vector
        information vector
        micro-/macro-level analyses
        motivation
        skill level
        social networks
        tactics vector
        time
        vector summary
        weapon vector
programmable logic controllers (PLCs)
prospective profiling
psychological autopsy
psychological operations (PSYOPS)
psychological profiles
psychology, social
PSYOPS (psychological operations)
PTs.
See
persistent threats
public data sources
public security data sources/forums
public social networking sites

Q

QQ.com
website

R

Rackspace
“Railway Murderer”
Rainbow tables
ransomware
Raptor APT
RAT (Remote Access Trojan)
RAT (Remote Administration Tool)
RBN (Russian Business Network)
references.
See
resources
relationships
religion/magic dimension
Remote Access Trojan (RAT)
Remote Administration Tool (RAT)
remote synchronization (RSYNC)
reporting procedures/methods
research
        academic research abuse
        legal

Other books

A Star Called Henry by Roddy Doyle
Ready To Go by Mann, Stephanie
Beating the Babushka by Tim Maleeny
Obsessed by Devon Scott
Soldier Mine by Amber Kell
The Devil's Advocate by Andrew Neiderman
Freeing Alex by Sarah Elizabeth Ashley