Cybercrime and Espionage

Book Description

Cybercrime and Espionage provides a comprehensive analysis of the sophisticated patterns and subversive multi-vector threats (SMTs) associated with modern cybercrime, cyber terrorism, cyber warfare and cyber espionage. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, SMTs are real and growing at an alarming pace. This book contains a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. It will educate readers on the realities of advanced, next generation threats, which take form in a variety ways.

This book consists of 12 chapters covering a variety of topics such as the maturity of communications systems and the emergence of advanced web technology; how regulatory compliance has worsened the state of information security; the convergence of physical and logical security; asymmetric forms of gathering information; seven commonalities of SMTs; examples of compromise and presence of SMTs; next generation techniques and tools for avoidance and obfuscation; and next generation techniques and tools for detection, identification and analysis.

This book will appeal to information and physical security professionals as well as those in the intelligence community and federal and municipal law enforcement, auditors, forensic analysts, and CIO/CSO/CISO.

  • Includes detailed analysis and examples of the threats in addition to related anecdotal information
  • Authors’ combined backgrounds of security, military, and intelligence, give you distinct and timely insights
  • Presents never-before-published information: identification and analysis of cybercrime and the psychological profiles that accompany them

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Foreword
  6. Preface
  7. Acknowledgments
  8. About the Authors
  9. 1. Cybercrime and Espionage and the New Security 101
    1. Information in this chapter
    2. Introduction
    3. He Who Does Not Prevent a Crime When He Can, Encourages It
    4. What’s Old Is New Again
    5. A Changing World
    6. Cybercriminal Statistics: U.S. and Abroad
    7. The Statistics of Cybercrime
    8. Separating the Wheat from the Chaff: Qualifying Amateurs and Professionals
    9. Trends in 2011
    10. Myopic to the Catastrophic: Advanced Persistent Threats
    11. Points of Confluence: Events That Have Shaped the Future of Privatized Cybercrime and Espionage
    12. Agendas in Next Generation Cybercriminal Activity
    13. The Coming Decade
    14. Summary
  10. 2. Evolution Revolution
    1. Information in this chapter
    2. Introduction
    3. Communication
    4. Criminal Activity
    5. Summary
  11. 3. The Silent Killer: How Regulatory Compliance has Worsened the State of Information Security
    1. Information in this chapter
    2. Introduction
    3. Regulatory Compliance Telemetry
    4. Transborder Data Flow Restrictions
    5. ISO Security Standards
    6. Health Insurance Portability and Accountability Act (HIPAA)
    7. Family Education Rights and Privacy Act (FERPA)
    8. Payment Card Industry Data Security Standard (PCI DSS)
    9. North America Electric Reliability Corporation: Critical Infrastructure Protection (NERC CIP)
    10. Summary
    11. References
  12. 4. Mediating the Great Divorce: The Convergence of Physical and Logical Security
    1. Information in this chapter
    2. Introduction
    3. The CISSP Physical Security Domains
    4. Environmental Security
    5. The Silos of Security
    6. Two-Factor Authentication
    7. Converging the Great Physical Divide
    8. Physical Device Security (Cryptography)
    9. Proximity-Based Access Control
    10. Summary
    11. References
  13. 5. Nonstate Sponsored Attacks: Stealing Information is Our Business… and Business is Good
    1. Information in this chapter
    2. Introduction
    3. Asymmetric Forms of Information Gathering
    4. Blended Reconnaissance
    5. Social Engineering and Social Networking
    6. Point, Click, and Own
    7. Summary
    8. References
  14. 6. State-Sponsored Intelligence
    1. Information in this chapter
    2. Introduction
    3. Espionage and Its Influence on Next-Generation Threats
    4. Intelligence Types
    5. Traditional Forms of Intelligence Gathering
    6. Summary
  15. 7. Cyber X: Criminal Syndicates, Nation States, Subnational Entities, and Beyond
    1. Information in this chapter
    2. Introduction
    3. Classifying the Cyber Actor
    4. Attack Sophistication Model
    5. Modus Operandi
    6. The Importance of Attribution
    7. Criminal and Organized Syndicates
    8. Nation States
    9. Subnational Entities
    10. Summary
    11. References
  16. 8. The Rise of the Subversive Multivector Threat
    1. Information in this chapter
    2. Introduction
    3. Defining the Subversive Multivector Threat (SMT)
    4. Summary
  17. 9. Seven Commonalities of Subversive Multivector Threats
    1. Information in this chapter
    2. Introduction
    3. Seven Commonalities of Subversive Multivector Threats
    4. Five Names in Threats You Should Know
    5. Next-Generation Techniques and Tools for Avoidance and Obfuscation
    6. Summary
    7. References
  18. 10. Examples of Compromise and Presence of Subversive Multivector Threats
    1. Information in this chapter
    2. Introduction
    3. Black, White, and Gray: Motives and Agendas of Cyber Actors with Respect to Cybercrime and Espionage
    4. Onion Routed and Anonymous Networks
    5. WikiLeaks
    6. Project Aurora
    7. Summary
  19. 11. Hiding in Plain Sight: Next-Generation Techniques and Tools for Avoidance and Obfuscation
    1. Information in this chapter
    2. Introduction
    3. Malware Quality Assurance Testing
    4. IP Attribution
    5. IP Spoofing
    6. Summary
    7. References
  20. 12. Weapons of Our Warfare: Next-Generation Techniques and Tools for Detection, Identification, and Analysis
    1. Information in this chapter
    2. Introduction
    3. Legacy Firewalls
    4. Antivirus
    5. Intrusion Detection Systems and Intrusion Prevention Systems
    6. What Is in a Name?
    7. MOSAIC
    8. Advanced Meta-Network Security Analysis
    9. Next Generation Security Framework
    10. Summary
    11. References
  21. Index

Product Information

  • Title: Cybercrime and Espionage
  • Author(s): Will Gragido, John Pirc
  • Release date: January 2011
  • Publisher(s): Syngress
  • ISBN: 9781597496148