O'Reilly logo

Advanced Penetration Testing by Wil Allsopp

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 9Northern Exposure

Throughout this book we have examined the various aspects involved in modeling APT scenarios by discussing attacks against live targets in various sectors. In this last chapter, we're going to do something a little different. Rather than outline an attack on a legitimate target, we're going to look at a hypothetical intelligence gathering on a nation state. I've chosen North Korea as the target for several reasons but mostly that the massive secrecy that surrounds that hermit state, the various IT tech, and the considerable (indeed unprecedented) censorship that its citizens deal with on a daily basis make it an intriguing example and allows me to demonstrate how much information can be inferred from what is publicly available.

That, however, is not the only reason. Unlike any other nation state, North Korea can more easily be described in terms similar to a closed corporation both in a geopolitical and technological sense rather than just another country (at least from a macroscopic perspective)—granted it's not a company I would want to work for but secrecy is anathema to a good security consultant and it is therefore impossible not to be intrigued by its inner workings.

Against this backdrop, I can introduce some other approaches to advanced penetration testing that you should be familiar with, whether they are revived old school techniques—tried and tested—or newer, more emerging ideas. Therefore, examining North Korea as a closed nation state ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required