Cyber Adversary Characterization : Auditing the Hacker Mind - Tom Parker

Paperback Published: 1st July 2004
ISBN: 9781931836111
Number Of Pages: 512

The wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have been. Every day that a vulnerability or threat goes unchecked greatly increases the likelihood of an attack and the damage it can cause. Who knows what a cascade of failures across US infrastructures could lead to? What type of group or individual would exploit this vulnerability, and why would they do it? "Inside the Mind of a Criminal Hacker" sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy's mind, which is necessary in order to develop a well-configured defense. Written by leading security and counter-terrorism experts, whose experience includes first-hand exposure in working with government branches and agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist, proving that at the heart of the very best defense is knowing and understanding your enemy.

* This book will demonstrate the motives and motivations of criminal hackers through profiling attackers at post attack and forensic levels.

* This book is essential to those who need to truly "know thy enemy" in order to prepare the best defense.

* The breadth of material in "Inside the Criminal Mind" will surprise every security specialist and cyber-terrorist buff with how much they do and (more importantly) don't know about the types of adversaries they stand to face.

Preface p. xiii
Foreword p. xxvii
Introduction p. 1
Cyber Adversary Characterization p. 2
A First-Person Account from Kevin D. Mitnick p. 4
Insider Lessons Learned p. 7
Cyber Terrorist: A Media Buzzword? p. 8
Failures of Existing Models p. 12
High Data Quantities p. 13
Characterization Types p. 14
Introduction to Characterization Theory p. 17
Theoretical Characterization Metrics p. 19
Introduction p. 20
The Adversary Object Matrix p. 21
Adversary Property Relationships p. 23
Environment Property to Attacker Property p. 23
Attacker Property to Target Property p. 24
Other (Conditional) Adversarial Property Relationships p. 24
The Adversary Model--"Adversary Environment Properties" p. 25
Political and Cultural Impacts p. 25
Environment Property/Attacker Property Observable Impacts p. 33
Adversarial Group, not "Hacker Group"! p. 34
The Adversary Model--"Attacker Properties" p. 37
Resources Object p. 38
Inhibitor Object p. 41
Driver/Motivator Object p. 45
Summary p. 48
Disclosure and the Cyber Food Chain p. 49
Introduction p. 50
Vulnerability Disclosure and the Cyber Adversary p. 50
"Free For All": Full Disclosure p. 51
Disclosure Attack Capability and Considerations p. 53
Probability of Success Given an Attempt p. 55
Probability of Detection Given an Attempt p. 56
"Symmetric" Full Disclosure p. 56
Responsible Restricted "Need to Know" Disclosure p. 58
Responsible, Partial Disclosure and Attack Inhibition Considerations p. 59
"Responsible" Full Disclosure p. 60
Security Firm "Value Added" Disclosure Model p. 62
Non-Disclosure p. 65
The Vulnerability Disclosure Pyramid Metric p. 66
Pyramid Metric Capability and Attack Inhibition p. 67
Pyramid Metric and Capability: A Composite Picture Pyramid p. 68
Comparison of Mean Inhibitor Object Element Values p. 71
The Disclosure Food Chain p. 72
Security Advisories and Misinformation p. 73
Summary p. 76
Rating the Attack: Post-Incident Characterization Metrics p. 77
Introduction: Theoretical Crossover and the Attack Point Scoring Systems p. 78
The Source of the Problem p. 78
Variables of Attack Tools to Consider p. 80
Tool-Scoring Metrics p. 80
The Ease With Which an Attack Tool Is Used p. 82
The Availability of an Attack Tool p. 83
Nontechnical Skill-Related Prerequisites p. 84
Common Types of Attack Tools p. 84
Mass Rooters p. 84
Port-Scanning Tools p. 86
Operating System Enumeration Tools p. 87
Software Exploits p. 89
Commercial Attack Tools p. 90
Caveats of Attack Tool Metrics p. 91
Attack Technique Variables p. 92
Nontechnological Resources Required p. 92
The Distribution Level of the Attack Technique p. 92
Any Attack Inhibitors Reduced Through the Use of the Attack Technique p. 93
The Ease With Which the Attack Technique Is Implemented p. 94
Technique-Scoring Metrics p. 94
Common Types of Attack Techniques p. 95
Network Service and Vulnerability Enumeration Techniques p. 95
Operating System Enumeration Techniques p. 98
Automated and Mass-Exploitation Techniques p. 99
Automated Agent Attitude to Attack Inhibitor Deductions p. 100
Web Application Exploitation Techniques p. 101
Additional Attack Scoring Examples p. 103
Caveats: Attack Behavior Masquerading p. 104
Summary p. 105
Asset Threat Characterization p. 107
Introduction p. 108
The Target Property p. 109
Who Cares About Your Systems Today? p. 110
Attack Preference Tables p. 110
Target Properties: Attack Driver and Inhibitor Influence p. 111
Target Environment Property Influences p. 111
Target Technical Property Influences p. 115
The Asset Threat Characterization p. 116
Preparing for the Characterization p. 116
Identifying What's Relevant to You p. 118
Attacking Positive Attack Inhibitors p. 122
Fictional Asset Threat Characterization Case Study p. 122
Does a Real Threat Exist? p. 123
Case Study Conclusions p. 131
Summary p. 136
Bringing It All Together: Completing the Cyber Adversary Model p. 137
Introduction p. 138
Intermetric Component Relationships p. 138
Filling in the Blanks p. 138
Internet Metric Relationship Result Reliability Calculations p. 141
Summary p. 143
WarmTouch: Assessing the Insider Threat and Relationship Management p. 145
Introduction p. 146
The Challenges of Detecting the Insider Threat p. 146
An Approach to the Insider Problem p. 148
Case Illustrations p. 149
Detecting Insider Risk and Deception--A Bank Systems Administrator p. 149
Robert Hanssen at the FBI p. 153
Identifying the Source of Anonymous Threats--Are They from the Same Author? p. 157
Extortion Attempt by a Russian Hacker Against Bloomberg Financial p. 158
Monitoring a Cyber Stalker p. 161
Relationship Management p. 163
Summary p. 168
References p. 169
Footnote p. 170
Managing the Insider Threat p. 171
Introduction: Setting the Stage p. 172
Prevention p. 176
Screening and Its Weaknesses p. 176
Education and Prevention p. 179
Detection p. 184
Detection Challenges p. 184
Detection Challenges Along the Critical Pathway p. 184
Detection Indicators and Challenges by Subject Subtype p. 193
Insider Case Management p. 199
Summary p. 203
References p. 203
The Cyber Adversary in Groups: Targeting Nations' Critical Infrastructures p. 205
Introduction p. 206
Historical Context p. 208
The General Public and the Internet p. 209
Increasing Threats and Vulnerabilities p. 210
Critical Infrastructure Vulnerabilities p. 212
Terrorist Attacks of September 2001 p. 214
Eligible Receiver and Solar Sunrise p. 216
New Organizations and New Discoveries p. 218
Identifying and Characterizing the Cyber Threat p. 220
Nation States p. 222
Terrorists p. 223
Espionage p. 223
Organized Crime p. 224
Insiders p. 225
Hackers p. 226
Summary p. 228
Characterizing the Extremes--Terrorists and Nation States p. 231
Introduction p. 232
The Nation State Cyber Adversary p. 232
Nation State Cyber Adversary Attractors p. 233
Nation State Cyber Adversary Deterrents p. 236
Qualifying the Nation State Threat p. 239
International Terrorists and Rogue Nations p. 241
Single-Issue Terrorist Organizations/Hacktivists p. 246
The Al Qaeda Threat--Kill With a Borrowed Sword p. 249
Indirect Compromise p. 251
Compromise Via a Customized Attack Tool p. 252
Physical Insider Placement p. 253
Data Interception/Sniffing/Info Gathering p. 254
Malicious Code p. 254
Denial of Service Code p. 255
Distributed Denial of Service p. 255
Directed Energy p. 256
Physical Threats to Information Technology Systems p. 256
Differentiation of the Cyber Terrorist Adversary p. 257
Summary p. 259
Footnotes and References p. 260
Conclusions p. 263
A Look Back p. 264
Kevin D. Mitnick: Attack, Weighed and Measured! p. 264
Kevin's Environment Property Examined p. 264
Environment Property Influences on Attacker Resources Object p. 265
Environment Property Influences on Attacker Inhibitor & Driver Object(s) p. 268
Summary p. 270
And Now for Something a Little Different! p. 270
Return on Investment p. 271
Playing the Market p. 273
Information Leakage at the Packet Level p. 274
Corrupted by Greed p. 277
Revenge of the Nerd p. 278
A Lead from Las Vegas p. 280
The Call of Opportunity p. 281
Initial Reconnaissance p. 282
Shrax: The Ultimate Rootkit p. 284
Throwaway Account p. 288
Seeking the Prize p. 293
Hacking .MIL p. 298
Triumph and New Toys p. 302
Endnotes p. 303
Aftermath...The Investigation Continues p. 304
Final Words p. 309
Acknowledgements p. 310
Glossary p. 311
Index p. 313
Table of Contents provided by Ingram. All Rights Reserved.

ISBN: 9781931836111
ISBN-10: 1931836116
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 512
Published: 1st July 2004
Publisher: Syngress Media, U.S.
Country of Publication: US
Dimensions (cm): 22.9 x 17.8 x 2.29
Weight (kg): 0.58