Reverse Deception: Organized Cyber Threat Counter-Exploitation
Authors: Sean Bodmer
Tags: #General, #security, #Computers
Conclusion
Chapter 2 What Is Deception?
How Does Deception Fit in Countering Cyber Threats?
Six Principles of Deception
Focus
Objective
Centralized Planning and Control
Security
Timeliness
Integration
Traditional Deception
Feints—Cowpens
Demonstrations—Dorchester Heights
Ruses—Operation Mincemeat (the Unlikely Story of Glyndwr Michael)
Displays—A Big Hack Attack
Why Use Deception?
The First US Army Group Deception
Russian Maskirovka
Deception Maxims
“Magruder’s Principle”—Exploitation of a COG’s Perception or Bias
“Limitations to Human Information Processing”
“Multiple Forms of Surprise”
“Jones’ Dilemma”
“Choice of Types of Deception”
“Husbanding of Deception Assets”
“Sequencing Rule”
“Importance of Feedback”
“Beware of Possible Unwanted Reactions”
“Care in the Design of Planned Placement of Deceptive Material”
Understanding the Information Picture
Half-Empty Version
Half-Full Version
A Question of Bias
Totally Full Version
Step-Beyond Version
Two-Steps-Beyond Version
Conclusion
Chapter 3 Cyber Counterintelligence
Fundamental Competencies
Applying Counterintelligence to the Cyber Realm
Sizing Up Advanced and Persistent Threats
Attack Origination Points
Numbers Involved in the Attack
Risk Tolerance
Timeliness
Skills and Methods
Actions
Objectives
Resources
Knowledge Source
Conclusion
Chapter 4 Profiling Fundamentals
A Brief History of Traditional Criminal Profiling
The Emergence of Cyber Profiling
Acquiring an Understanding of the Special Population
The Objectives of Profiling
The Nature of Profiling
Basic Types of Profiling
Two Logical Approaches to Profiling: Inductive vs. Deductive
Information Vectors for Profiling
Time
Geolocation
Skill
Motivation
Weapons and Tactics
Socially Meaningful Communications and Connections
Conclusion
References
Chapter 5 Actionable Legal Knowledge for the Security Professional
How to Work with a Lawyer
What You Should Know About Legal Research
Online Legal Resources
Common Legal Terms
The Role of Statutes in Our Legal System
How to Find a Law
Do Your Background Homework
Reading the Law
Communicating with Lawyers
Ethics in Cyberspace
Conclusion
Chapter 6 Threat (Attacker) Tradecraft
Threat Categories
Targeted Attacks
Opportunistic Attacks
Opportunistic Turning Targeted
Evolution of Vectors
Meet the Team
Criminal Tools and Techniques
Tailored Valid Services
Academic Research Abuse
Circles of Trust
Injection Vectors
Conclusion
Chapter 7 Operational Deception
Deception Is Essential
Tall Tale 1
Postmortem
Tall Tale 2
Postmortem
Tall Tale 3
Postmortem
Tall Tale 4
Honeypot 1
Postmortem
Conclusion
Chapter 8 Tools and Tactics
Detection Technologies
Host-Based Tools
Antivirus Tools
Digital Forensics
Security Management Tools
Network-Based Tools
Firewalls
Intrusion Detection/Prevention Systems
Deception Technologies
Honeywalls