December 2018
Intermediate to advanced
280 pages
4h 16m
Japanese
Content preview from インテリジェンス駆動型インシデントレスポンス ―攻撃者を出し抜くサイバー脅威インテリジェンスの実践的活用法
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
序文
20年以上も前、私はMoonlight Mazeと呼ばれた大規模な不正侵入事案に初めて関与していました。これは、ロシア政府の支援を受けた攻撃グループによる不正侵入だと考えられていました。アメリカ空軍特別捜査局(AFOSI:Air Force Office of Special Investigations)での私の仕事は、データ収集、通信傍受、ネットワークや侵害されたシステムで、攻撃グループによる活動の分析を支援することでした。多くの攻撃対象に対して何度も行われた攻撃を分析していく中で、私たちは侵入されたシステムの後ろに手を伸ばし、「プラグを抜く」だけでは攻撃者を排除できないことを学びました。この攻撃グループは非常に忍耐強く、私たちのセキュリティ対策を見つけたら、同じ対象システムに数週間も再度アクセスしないというルールを徹底していました。攻撃者は、ネットワーク上の様々な対象システムへアクセスし、システムの稼働状況を確認し、バックドアを仕掛けました。同じ攻撃者によって何度も侵入されたことを受けて、この事案を担当していたタスクフォースは、「この攻撃グループは誰なのか?」「攻撃グループはどのように攻撃を仕掛けたのか?」「攻撃グループは侵入に成功した後、いったい何をしたのか?」といった疑問について、プレイブックをまとめ始めました。このプレイブックは、世界中にある多数の国防総省の拠点の防衛に役立てられました。Moonlight Mazeによる侵入を受けて、何が起きたでしょうか? この攻撃の影響範囲と緊急性により、後にアメリカサイバー軍(U.S. Cyber Command)設立につながる組織、JTF-CND(Joint Task Force - Computer Network ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.