This Paperback Book item from Syngress was reviewed on 26-Oct-2008.
Cyber Adversary Characterization: Auditing the Hacker Mind. Reference Book. ISBN: 1931836116. Edition: 1.
1) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
This book attempts to discuss a topic of great interest to me. Since there are no other books in print that address this topic, I eagerly bought the book with great expectations. Unfortunately I have been highly disappointed.
I highly recommend you avoid this book if you have an aversion to the gross butchering of the English language. I have found this book to be so far over the line of good writing that it is distracting. I haven't even been able to make it out of the second chapter! Sentence structures are unnecessarily complex and wordy. The text is replete with grammatical errors and misspellings. The author created terms to describe his concepts, yet the terms have other connotations, making it further difficult to understand. Parsing and understanding what the author is trying to say in certain passages is difficult at best. I'm sure if I had been in meetings with this author, I would know his language and intuitively understand what he means, but the new reader, devoid of that knowledge, is at a significant disadvantage. If this book had been properly edited, it would be about half its size. One has to ask what the publisher was thinking, or not.
This is most unfortunate. The threat of cyber attacks against national interests and critical infrastructure is very high. Having a book that proposes a systematic methodology to help identify and address those threats would be most useful.
2) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
Know thy enemy. This is only part of a famous quote by Sun Tzu. It is often quoted and is quite appropriate when discussing Cyber Adversary Characterization: Auditing The Hacker Mind (Tom Parker, Eric Shaw, et al, Syngress Press, 2004, 356 Pages, ISBN 1931836116). But to truly appreciate this book, which includes an account of Kevin Mitnick's first hand description of one of his attacks, you need to think about the entire quote from The Art of War: "Know thy self, know thy enemy. A thousand battles, a thousand victories."
The battle against hackers is not a single battle, but an on-going series of battles against an enemy that is often unseen and unknown. What the authors of this book attempt to do is offer a glimpse in the minds of hackers, what predisposes them to their behaviours, and an understanding of how this knowledge might be used to gain an advantage over this unseen enemy. To do so requires discussions of real events, psychology and modeling.
As such, this book is not for everyone, especially those who want an easy read. Psychological modeling is a difficult task to not only do, but to understand. The authors do their best in making this as easy as possible to understand, but I know I still had to re-read some sections multiple times. If you read this book, you will not walk away citing parts verbatim, but you will have a good desk reference to use when needed.
What is especially valuable in this book is the coverage of threats, both internal and external. The authors not only discuss this in terms and concepts, but offer methods to model and prioritize the threats. Have you ever thought about how myopic and narrow approaches can actually put you at greater risk?
Who Should Read This Book?
This is not a book for generalists. It really is for security specialists and students of security who want to get more than a superficial knowledge of the subject. Perhaps it might even be of interest to students of sociology and psychology. Tzu also said, "The opportunity to secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself." That is the reason this book is one for the library of serious students of the topic. If you do not fit any of these categories, you might want to steer clear. If you don't, know what you are getting into.
Scorecard
Par on a Par 4
3) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
I'm not a statistician or a risk expert, so I mainly view this book in terms of illuminating possible areas of risk. It was interesting to see how a threat could be evaluated, but I spent most of my time reading the initial threats portion at the beginning of each chapter. These were interesting enough.
The text is a little uneven, which is most likely from the multiple authors. The graphics are poor quality. And the organization could use some work.
I would have liked to have been inspired to appreciate the characterization portions of the book, but I was not moved to do so.
4) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
Cyber Adversary Characterization is a topic which many of the book's authors have been studying for a number of years. You will notice that the backgrounds of the authors differ significantly, something which was entirely intentional. The authors of Auditing the Hacker Mind and the members of the working group to which all authors of the book belong bring a vast amount of knowledge relating to threat analysis and risk mitigation to the table. This has allowed us to examine the semantics of the cyber adversary from multiple points of view; allowing us to identify the multiple elements which really contribute to explaining what the modern cyber adversary 'looks like' and why.
In addition to its more obvious audience of the information security community, Cyber Adversary Characterization: Auditing the Hacker Mind has been written for a wide audience - from Information Technology managers, to regular systems administrators. Perhaps you are responsible for budgeting for the security related outgoings of a department; can you honestly say that you are able to attribute every dollar to a real, characterized threat? Could you tell a senior manager where you think the threat might come from, the tools they might use and indeed, the precise assets that they might target?
Our aim is to allow you to look at your technological assets from a new perspective - that being the perspective of the cyber adversary themselves. As a result, we hope you will attain the capability to make informed decisions regarding the way in which you can better protect your systems and justify any changes you make.
In addition to its use for the theoretical characterization of threats to key assets, we also believe that the theory we have developed proves to be of great use in the unfortunate cases where incidents have occurred. Through studying the way in which we have dissected the cyber adversary, we hope that you will be able to look at attack data in an objective manner, identifying such things as the skill level of the adversary involved, answering why the adversary initiated an attack against the target in the first place - and perhaps most importantly if the attack was a success, how to fend off the adversary if they return.
We hope you find this publication of use. We believe that the information contained within it is of great value; and really can help in bettering the way in which people look at protecting their business critical computer networks, from the cyber adversary of today and tomorrow.
5) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
An uneven book. The preface and last chapter are by far the best parts. Noted technology commentator Richard Thieme ("Islands in the Clickstream") gives the preface. A mere 4 pages. But very eloquent and lucid. A joy to read. The last chapter is a semi-fictitious narrative of how a hacker breaks into various computers. Unix and network experts will like the depth and ingenuity described. It can be very educational, even for experienced sysadmins.
But other chapters are poorly done. For example, Chapter 2 is on Theoretical Characterisation Metrics. It repeatedly uses various conditional probabilities, but with a wrong notation. For a probability of B given A, it uses p(B)/A. The standard notation is P(B|A). Used for decades in statistics courses. First year undergraduate level.
Other chapters, presumably written by different people, do use the correct notation. But Chapter 3, on the Cyber Food Chain, has an even more disturbing flaw. It has tables of what it calls mean inhibitor values. Derived from sets of values with only 1 significant figure. But the means are given to 4 significant figures! At best, the means only have 2. What this author is doing is imputing a false accuracy of 2 extra significant figures, or 100 times greater than actuality. More strictly, it is probably close to 1000 times greater, because the mean is really no better than one significant figure.
So what? Well, given that the authors goof on such elementary steps, it should give you serious reservations about their more "sophisticated" operations, where they discuss various metrics.
Another thing. One chapter's title is mis-spelled on the top of every page in the chapter. Irritating. Makes one wonder about the proof reading.
6) Paperback Book Cyber Adversary Characterization: Auditing the Hacker Mind by Syngress.
Develop a Well-Measured Defense Against Cybercriminals
When we speak of the hacker mind, then, we have come to mean the mind of a miscreant motivated by a broad range of ulterior purposes. We mean script kiddies who download scripts written by others and execute them with the click of a button, we mean vandals with limited impulse control, we mean thieves of data, and then we mean all the people who use that data for extortion, corporate or industrial espionage, state-level spy craft, identity theft, grand larceny, blackmail, vicious revenge, or terror. That's lots of kinds of minds, needing to be understood, needing to be profiled, needing to be penetrated, needing to be known inside and out. --from the preface by Richard Thieme.
- Kevin Mitnick Exposed
The infamous hacker Kevin D. Mitnick allows himself and one of his more significant hacks to be weighed and measured.
- Cyber Terrorist: Just a Media Buzzword?
Learn how the second we become narrow-minded about the security of our organizations and the resolve of our cyber enemy is the second we become vulnerable to some of the world's most dangerous minds.
- Understand Adversary Models
Can you answer the same questions your adversary will be asking, such as "If I were to attack this target, what effort will be made to identify me, if my attack is detected?"
- Characterize Specific Threats
Identify where the real threats to your most critical assets lay and learn to answer the question of why you believe those threats are so real.
- Manage the Insider Threat
See how the key to early insider threat detection is in understanding how disgruntled employees move down the critical pathway towards an attack.
- Characterize the Extremes-Terrorists and Nation States
See why the authors believe that the concept of cyber terrorism should be viewed as a very real and critical emerging threat.
- Monitor a Cyber Stalker
Learn how software concepts such as "WarmTouch" can help restore the psychological insights lost through traditional, technology driven insider detection techniques.
- Case Studies Offer Insight and Lessons
See how characterization theory can be used to analyze some of history's more memorable incidents with 20/20 vision.
Your Solutions Membership Gives You Access to:
- Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
- "From the Author" Forum where the authors post timely
- The complete code listings from the book
- These downloadable e-booklets:
WarDriving: Drive, Detect, Defend: Learning to WarDrive
Stealing the Network: How to Own a Continent: Product of Fate: The Evolution of a Hacker
IT Ethics Handbook: Right and Wrong for IT Professionals: Ethics for Programmers and Analysts
Richard Thieme's Islands in the Clickstream: Reflections on Life in a Virtual World
ABOUT THE AUTHORS
Tom Parker is a computer security analyst who, alongside his work for some of the world's largest organizations, providing integral security services is widely known for his vulnerability research on a wide range of platforms and commercial products. His more recent work includes the development of an embedded operating system, media management system and cryptographic code for use on digital video band (DVB) routers, deployed on the networks of hundreds of large organizations around the globe. In 1999, he helped form Global InterSec LLC, playing a leading role in developing key relationships between GIS and the public and private sector security companies. Whilst continuing his vulnerability research, focusing on emerging technologies and new vulnerability exploitation techniques, Tom spends much of his time researching methodologies aimed at characterizing adversarial capabilities and motivations against live, mission critical assets, providing methodologies to aid in adversarial attribution in the unfortunate times when incidents do occur. Currently working as a security consultant for NetSEC, a provider of managed and professional security services; Tom continues his research into finding practical ways for large organizations, to manage the ever growing cost of security, through the identification where the real threats lay thereby defining what really matters. Tom is a contributing author to "Stealing the Network: How to Own a Continent" by Syngress publishing (ISBN: 1-931836-05-1).
Matthew G. Devost is President and CEO of the Terrorism Research Center, Inc., overseeing all research, analysis and training programs. He has been researching the impact of information technology on national security since 1993. Matthew is certified in the National Security Agency's INFOSEC Assessment Methodology and is an instructor for the Threat, Exposure and Response Matrix (TERM) methodology. He is a member of the American Society for Industrial Security, the Information Systems Security Association, and the International Association for Counterterrorism & Security Professionals. He has appeared on CNN, MSNBC, FoxNews, NPR, CBS Radio, BBC television, NWCN, Australian television and over five dozen other domestic and international radio and television programs as an expert on terrorism and information warfare.
Marcus H. Sachs is the Director of the SANS Internet Storm Center and is a cyberspace security researcher, writer, and instructor for the SANS Institute. He previously served in the White House Office of Cyberspace Security and was a staff member of the President's Critical Infrastructure Protection Board. While a member of the White House staff, Marcus coordinated efforts to protect and secure the nation's telecommunication and Internet infrastructures, leveraging expertise from United States government agencies, the domestic private sector, and the international community. He also contributed to the National Strategy to Secure Cyberspace, upon his joining of the National Cyber Security Division of the US Department of Homeland Security.
Eric Shaw is a clinical psychologist who has spent the last 20 years specializing in the psychological profiling of political actors and forensic subjects. He has been a consultant supporting manager development and organizational change, a clinician aiding law enforcement and corporate security, an intelligence officer supporting national security interests and a legal consultant providing negotiation and litigation assistance. He has also provided cross-cultural profiling for the U.S. Government on the psychological state and political attitudes of figures such as Saddam Hussein, Iranian revolutionary leaders under Khomeini, senior Soviet military commanders, as well as Yugoslav, Laotian, Cuban and other military and political leaders.
Ed Stroz (CPA, CITP, CFE) is President of Stroz Friedberg, LLC, which he started in 2000 after a sixteen-year career as a Special Agent for the Federal Bureau of Investigation (FBI). Stroz Friedberg performs investigative, consulting, and forensic laboratory services for the most pre-eminent law firms in the country. In 1996, while still a Special Agent, he formed the FBI's Computer Crime Squad in New York City, where he supervised investigations involving computer intrusions, denial-of-service attacks, illegal Internet wiretapping, fraud, money laundering, and violations of intellectual property rights, including trade secrets. Among the more significant FBI investigations Ed handled were: Vladimir Levin's prosecution for hacking a US bank from Russia; the hack against the New York Times web site; the Internet dissemination by "Keystroke Snoopers," a hacking group responsible for a keystroke capture program embedded in a Trojan Horse; Breaking News Network's illegal interception of pager messages; the denial of service attack against a major business magazine; efforts to steal copyrighted content from the Bloomberg system; and the hack of a telecommunications switch.
TOC
Foreword by Jeff Moss
Chapter 1: Introduction
Chapter 2: Theoretical Characterization Metrics
Chapter 3: Disclosure and the Cyber Food Chain
Chapter 4: Rating the Attack: Post-Incident Characterization Metrics
Chapter 5: Asset Threat Characterization
Chapter 6: Bringing It All Together: Completing the Cyber Adversary Model
Chapter 7: WarmTouch: Assessing the Insider Threat and Relationship Management
Chapter 8: Managing the Insider Threat
Chapter 9: The Cyber Adversary in Groups: Targeting Nations' Critical Infrastructures
Chapter 10: Characterizing the Extremes-Terrorists and Nation States
Chapter 11: Conclusions
Chapter 12: Return on Investment
Glossary
Page Updated: Robert N. Goolsby, 23-Nov-2008