Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats

Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats

Will Gragido, John Pirc

Language: English

Pages: 272

ISBN: 1597496138

Format: PDF / Kindle (mobi) / ePub

Cybercrime and Espionage provides a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. This book will educate you on realities of advanced, next generation threats, which take form in a variety ways. The authors, working in conjunction with strategic technology partners have key insights into the realm of what these new threats, dubbed “Subversive Multi-Vector Threats” or ‘SMT’s. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, these threats are real and growing at an alarming pace.

    • Includes detailed analysis and examples of the threats in addition to related anecdotal information
    • Authors’ combined backgrounds of security, military, and intelligence, give you distinct and timely insights
    • Presents never-before-published information: identification and analysis of cybercrime and the psychological profiles that accompany them

    The Eleventh Commandment

    Tiger Trap: America's Secret Spy War with China

    Get Smart! (Get Smart, Book 1)

    Jesus, My Father, The CIA, and Me: A Memoir. . . of Sorts

    Company Man: Thirty Years of Controversy and Crisis in the CIA



















    exhaust systems), 142–143 Mak, Chi allege compromise, 139–140 coconspirator and accomplice, 140 Dongfan “Greg” Chung, 140–141 Mak, Tai (brother), 140 PRC, 140 moonlight maze FRONTLINE, sources, 164–165 incident response and analysis, 164–165 “magnitude of the extraction”, 165–166 NIPRNET, 165–166 United States Intelligence Agencies, 166 motives and agendas, cyber actors Black Energy Botnet, 181, 184f cybercrime transcends border, 185 DDoS, 181, 183f degree of maturity, 185

    sensitive information to individuals not authorized to view the information. Integrity is the ability to guarantee that data have not been modified without the proper authorization. Availability is the ability to guarantee that one with the proper credentials has uninterrupted access to data. The similarities across all these core concepts revolve around data. More importantly, these have been around for well over 20 years. In the security community, these are security 101s at a very high level

    within a company. As an example, depending on the type of termination, the soon-to-be terminated employee’s manager will contact HR and notify them to start the termination process. This kicks off a lot of different processes that involve the termination of benefits, facility access, equipment return, and revoking network/system access. Some of this is handled directly by HR and other aspects are carried out by the manager who is supposed to notify physical security and IT security on the date of

    tacticians and strategists alike have studied Sun Tzu’s words, meditating upon their meaning and relevance as they sought to develop a greater understanding of the art of war in the context of their own lives and situations. We too must revisit the words of Sun Tzu with respect to the wars we wage in the cyber realm knowing that our adversaries will do so knowingly or as the result of instinct. It is difficult to say with any certainty that any one of these 13 principal areas of study plays a

    addition to capturing user login credentials is yet another example of exploitation in plain sight.1 Botnet Leasing The notion of Hacking as a Service (HaaS) is not new and has been around for quite sometime. The whole notion of attribution is huge when we are trying to trace back the origin of the attack. HaaS can be delivered in many different formats. As we demonstrated with Blaze Botnet, which is a tool that is not known in the aboveground security community, hacking does not require a

    Download sample