- Paperback: 272 pages
- Publisher: Syngress; 1 edition (February 7, 2011)
- Language: English
- ISBN-10: 1597496138
- ISBN-13: 978-1597496131
- Product Dimensions: 7.5 x 0.6 x 9.2 inches
- Shipping Weight: 1.2 pounds (View shipping rates and policies)
- Average Customer Review: 8 customer reviews
- Amazon Best Sellers Rank: #1,273,710 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
The Amazon Book Review
Author interviews, book reviews, editors picks, and more. Read it now
Frequently bought together
Customers who bought this item also bought
"Risks have evolved. We haven’t. While we stabilize toward checkbox compliance, adversaries and IT accelerate onward. Adversaries know you’re compliant – and do not care – they’re counting on it. Let’s replace faith-based dogma with intellectual honesty. As fellow Cassandras, Will and John confront you with modern threat models and challenge you to adapt".--Joshua Corman, Research Director for Enterprise Security, The 451 Group
"During 2010 three specific names signaled a fundamental shift in the risks that come from dealing in an interconnected world: Project Aurora, Stuxnet, and Wikileaks. This book provides the insights of an intelligence analyst on what got us to this point, and forecasts what information security professionals will be dealing with in the near future".--James Turner, Advisor, IBRS
"Cybercrime and Espionage was probably the most comprehensive and relevant book on the cyber security landscape written to date. The authors captured the true essence of the methods and cyber trade craft backed with use case after use case. I find this book a must have for any security professional or executive that has the responsibility for ensuring the protection of their corporate infrastructure."--Alan Kessler VP & GM HP Networking Security Products Group/TippingPoint
"John and Will have done a great job in framing the threat landscape and pointing out just how far we have to go in order to truly understand the cyber threats confronting us, to better secure our networks, and to mitigate risk within our respective organizations. Cybercrime and Espionage is a great read and should provide a call to action for any executive management team. Well done."--Nick Lantuh, President of Netwitness Corporation
"Overall, this was a really interesting reading material. The authors managed to provide a fresh perspective on the intricacies surrounding modern cyber crime of today, but have not neglected the ‘big picture’."--Help Net Security
About the Author
Will Gragido possesses over 18 years of information security experience. A former United States Marine, Mr. Gragido began his career in the data communications information security and intelligence communities. After USMC, Mr. Gragido worked within several information security consultancy roles performing and leading red teaming, penetration testing, incident response, security assessments, ethical hacking, malware analysis and risk management program development. Mr.Gragido has worked with a variety of industry leading research organizations including International Network Services, Internet Security Systems / IBM Internet Security Systems X-Force, Damballa, Cassandra Security, HP DVLabs, and now RSA NetWitness, where he leads the RSA FirstWatch Advanced Threat Intelligence team.
Will has deep expertise and knowledge in operations, analysis, management, professional services & consultancy, pre-sales / architecture and strong desire to see the industry mature and enterprises & individuals become more secure. Will is a long-standing member of the ISC2, ISACA, and ISSA. Mr.Gragido holds the CISSP and CISA certifications, as well as accreditations in the National Security Agency's Information Security Assessment Methodology (IAM) and Information Security Evaluation Methodology (IEM). Additionally, Mr.Gragido is a Faculty Member of the IANS Institute where he specializes in advanced threat, botnet, and malware analysis. Mr.Gragido is a graduate of DePaul University and is currently preparing for graduate school. An internationally sought after speaker, Will is the co-author of Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats.
John Pirc has more than 19 years of experience in Security R&D, worldwide security product management, marketing, testing, forensics, consulting, and critical infrastructure architecting and deployment. Additionally, John is an advisor to HP’s CISO on Cyber Security and lectured at the US Naval Post Graduate School.
John extensive expertise in the Security field stems from past work experience with the US Intelligence Community, as Chief Technology Officer at CSG LTD, Product Manager at Cisco, Product Line Executive for all security products at IBM Internet Security Systems, Director at McAfee's Network Defense Business Unit, Director of Product Management at HP Enterprise Security Products, Chief Technology Officer at NSS Labs, Co-Founder and Chief Strategy Officer at Bricata, LLC and most recently as Director of Security Solutions for Forsythe Technology.
In addition to a BBA from the University of Texas, John also holds the NSA-IAM and CEH certifications. He has been named security thought leader from SANS Institute and speaks at top tier security conferences worldwide and has been published in Time Magazine, Bloomberg, CNN and other tier 1 media outlets.
Top customer reviews
As an amateur historian, one of the things that appealed to me about this book is the attention to detail and depth that the authors go into in providing historical context for the world of crime and espionage. They make excellent use of historical figures such as Cicero, Seneca, Hammurabi, and Sun Tzu. Because human nature does not change, neither does the usefulness of learning from the examples and philosophy of historical figures such as these when trying to understand the modern world.
This work provides a solid philosophical underpinning for understanding the fundamentals of the modern world of cybercrime and espionage. It provides exceptional clarity for the events of the day by using the past to bring current events into focus. APT (Advanced Persistent Threat), for example, is a key element of this book. The authors discuss this issue using the lens of history while tapping modern events and researchers to explain the current state of affairs.
The book's eighth chapter provides an excellent example of how the authors blend history and current affairs to explain a point. This chapter is entitled "The Rise of the Subversive Multivector Threat" and begins with a lengthy explanation of Sun Tzu's The Art of War and how it pertains to thinking about issues such as the modern world of espionage. The chapter then moves into a discussion about current statistics show that unlawful activity in the electronic world is increasing. The chapter begins to define just what is a SMT (Subversive Multivector Threat) by talking about some legal issues pertaining to economic espionage and providing some modern day examples of espionage activity. The chapter also discusses the history of the term APT which includes a discussion of Richard Bejtlich's work in this area. The authors ultimately disagree with Bejtlich's definition even though they respect it. Their SMT definition is broader than APT. They explain that a SMT might involve APT, but it's not just limited to it. It is that broader SMT definition that they explain in the rest of the chapter.
It's early in the year as I write this review, but it's entirely possible that this could be the best information security book that I'll read in 2011. It's very thorough, thoughtful, and well written. Reasonable people can and almost certainly will disagree and debate the author's conclusions, but that's all the more reason to read this book.
The intended audience could appeal to historians, regular internet users, and anyone interested in the methods and motivations of cybercriminals and cyber espionage operators. These methods come to life with the author's use of case studies. For example Danielle Duann, a former IT manager who was sentenced 3 years of supervised release and $94,000 in restitution for destroying organ donation records after being fired from her job. Her method of access was creating a fake vpn user account. Moral of the story is a cybercriminal's motive could be revenge as opposed to profit. Also, a security professional must implement regular audits of user accounts, paying special attention to super users like Danielle.
I enjoyed Chapter 11 - Hiding in plain sight: Next generation techniques' and tools for avoidance and obfuscation. In it, the authors discuss techniques on how to bypass security hardware/software controls with publically available free tools. Websites like virscan.org provide quality assurance testing for malware by running the file through AV vendor engines which report back any positives. IP spoofing methods: "The Onion Router" TOR, allows you to route your traffic through multiple nodes all over the world which encrypt the source ip as it passes through each node.
The author's stress how and why methods are becoming more sophisticated. Mainly because criminals choose the less risky method of stealing credit card numbers as opposed to going in and robbing a bank.
There is a growing need for more than the standard firewall, intrusion detection system and antivirus. A solution the authors mention is Advanced Meta-Network Security Analysis for deep packet inspection and a better understanding of what's happening on a network.
Overall I enjoyed the book. There are not enough good information security books that cover the history of espionage, cybercriminal methods and motives, and manage to keep the information contemporary and fun to read. I would highly recommend this book.