Cyber Adversary Characterization: Auditing the Hacker Mind [Illustrated] [Paperback]

Tom Parker (Author), Marcus Sachs (Author), Eric Shaw (Author), Ed Stroz (Author), Matthew G. Devost (Author)

Book Description

ISBN-10: 1931836116 | ISBN-13: 978-1931836111 | Publication Date: June 2004 | Edition: 1

The wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have. Everyday that a vulnerability or threat goes unchecked greatly increases an attack and the damage it can cause. Who knows what the prospects for a cascade of failures across US infrastructures could lead to. What type of group or individual would exploit this vulnerability, and why would they do it? "Inside the Mind of a Criminal Hacker" sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy's mind - necessary in order to develop a well configured defense. Written by leading security and counter-terrorism experts, whose experience include first-hand exposure in working with government branches & agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist. Proving, that at the heart of the very best defense is knowing and understanding your enemy.

* This book will demonstrate the motives and motivations of criminal hackers through profiling attackers at post attack and forensic levels.

* This book is essential to those who need to truly "know thy enemy" in order to prepare the best defense.

* . The breadth of material in "Inside the Criminal Mind" will surprise every security specialist and cyber-terrorist buff of how much they do and (more importantly) don't know about the types of adversaries they stand to face.

Product Details

• Paperback: 356 pages
• Publisher: Syngress; 1 edition (June 2004)
• Language: English
• ISBN-10: 1931836116
• ISBN-13: 978-1931836111
• Product Dimensions: 9.1 x 7 x 0.9 inches
• Shipping Weight: 1.3 pounds (View shipping rates and policies)
• Average Customer Review: 3.5 out of 5 stars  See all reviews (6 customer reviews)
• Amazon Best Sellers Rank: #1,545,646 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

8 of 9 people found the following review helpful:

3.0 out of 5 stars Uneven quality, August 27, 2004

By 

W Boudville (Terra, Sol 3) - See all my reviews
(VINE VOICE)    (TOP 1000 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Cyber Adversary Characterization: Auditing the Hacker Mind (Paperback)

An uneven book. The preface and last chapter are by far the best parts. Noted technology commentator Richard Thieme ("Islands in the Clickstream") gives the preface. A mere 4 pages. But very eloquent and lucid. A joy to read. The last chapter is a semi-ficticious narrative of how a hacker breaks into various computers. Unix and network experts will like the depth and ingenuity described. It can be very educational, even for experienced sysadmins.

But other chapters are poorly done. For example, Chapter 2 is on Theoretical Characterisation Metrics. It repeatedly uses various conditional probabilities, but with a wrong notation. For a probability of B given A, it uses p(B)/A. The standard notation is P(B|A). Used for decades in statistics course. First year undergraduate level.

Other chapters, presumably written by different people, do use the correct notation. But Chapter 3, on the Cyber Food Chain, has an even more disturbing flaw. It has tables of what it calls mean inhibitor values. Derived from sets of values with only 1 significant figure. But the means are given to 4 significant figures! At best, the means only have 2. What this author is doing is imputing a false accuracy of 2 extra significant figures, or 100 times greater than actuality. More strictly, it is probably close to 1000 times greater, because the mean is really no better than one significant figure.

So what? Well, given that the authors goof on such elementary steps, it should give you serious reservations about their more "sophisticated" operations, where they discuss various metrics.

Another thing. One chapter's title is mis-spelled on the top of every page in the chapter. Irritating. Makes one wonder about the proof reading.

7 of 8 people found the following review helpful:

4.0 out of 5 stars A methodical assessment of risk..., August 24, 2004

By 

Thomas Duff "Duffbert" (Portland, OR United States) - See all my reviews
(VINE VOICE)    (TOP 500 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Cyber Adversary Characterization: Auditing the Hacker Mind (Paperback)

I finished reading Cyber Adversary Characterization - Auditing The Hacker Mind by Tom Parker, Eric Shaw, Ed Stroz, Matthew G. Devost, and Marcus H. Sachs. This is a very different book than anything I've seen, read, or reviewed...

Chapter breakout: Introduction; Theoretical Characterization Metrics; Disclosure and the Cyber Food Chain; Rating the Attack: Post-Incident Characterization Metrics; Asset Threat Characterization; Bringing It All Together: Completing the Cyber Adversary Model; WarmTouch: Assessing the Insider Threat and Relationship Management; Managing the Insider Threat; The Cyber Adversary in Groups: Targeting Nations' Critical Infrastructures; Characterizing the Extremes - Terrorists and Nation States; Return on Investment; Final Words; Glossary; Index

Most books that concern themselves with the "hacker mindset" do so with personality characterizations and attack methods. When you get done, you may understand how attacks occur, but you're no further along in doing a critical risk assessment of your particular environment. This book is the first I've seen that attempts to analyze the components mathematically in order to allow you to weight different scenarios against each other. The authors do a decent job in taking individual characteristics of the attacker, the environment, and the target, explaining how each component affects an attack scenario, and then giving a formula that can be used to assign a numeric value. While you may not agree with the interpretation, it's a rigorous approach to something that can be hard to quantify.

I haven't decided whether I approve of the WarmTouch chapter. It's a software package developed by the authors that attempts to chart threat assessment from a person based on email wording, actions, and other observed behavior. The idea is interesting, but I normally have issues with a book like this being used to push an author's product. I'll just say buyer beware in this case...

Bottom line... this would be a useful read for someone in security consulting and auditing, and would help an organization take a methodical view of their environment for risk assessment. There's not much on the book market like this volume.

3 of 4 people found the following review helpful:

1.0 out of 5 stars Poorly Written Book that Needs Serious Editing, August 26, 2005

By 

CyberChick (Washington, DC) - See all my reviews

Amazon Verified Purchase

This review is from: Cyber Adversary Characterization: Auditing the Hacker Mind (Paperback)

This book attempts to discuss a topic of great interest to me. Since there are no other books in print that address this topic, I eagerly bought the book with great expectations. Unfortunatly I have been highly disappointed.

I highly recommend you avoid this book if you have an aversion to the gross butchering of the English language. I have found this book to be so far over the line of good writing that it is distracting. I haven't even been able to make it out of the second chapter! Sentence structures are unnecessarily complex and wordy. The text is replete with grammatical errors and misspellings. The author created terms to describe his concepts, yet the terms have other connotations, making it further difficult to understand. Parsing and understanding what the author is trying to say in certain passages is difficult at best. I'm sure if I had been in meetings with this author, I would know his language and intuitively understand what he means, but the new reader, devoid of that knowledge, is at a significant disadvantage. If this book had been properly edited, it would be about half its size. One has to ask what the publisher was thinking, or not.

This is most unfortunate. The threat of cyber attacks against national interests and critical infrastructure is very high. Having a book that proposes a systematic methodology to help identify and address those threats would be most useful.