Reverse Deception: Organized Cyber Threat Counter-Exploitation (14 page)

BOOK: Reverse Deception: Organized Cyber Threat Counter-Exploitation

10.36Mb size Format: txt, pdf, ePub

ads

Why the tactics and techniques of counterintelligence are such an important tool for every stakeholder involved with securing your enterprise

A basic legal explanation of capabilities and limitations of prosecutable versus nonprosecutable investigations, and where and when it is worthwhile to implement criminal profiling, deception, and disinformation

Part II discusses techniques and approaches to defending against threats, intended to empower administrators and security personnel to act, but more important, to be proactive in their efforts:

How to analyze and react to advanced intrusions and intruders at a much deeper level than is typically done today

How to implement deception and disinformation against advanced threats in order to drive/push them in directions you desire

Functional methods and tactics that can be used to attack the minds and morale of persistent threats while operating within your own network

The nature of different motivations for online malicious/criminal behavior

Part III finishes up with the following topics:

Case studies of prior experiences of the authors where deception and disinformation was used against advanced threats in order to perform attribution

Concepts and methods for validating whether your counterintelligence operations are working on your threat or adversary

As you read through this book, think of it as an operational manual of successful best practices. All of the contributors understand our areas of specialty and each other’s accordingly. We fully believe this book contains successful strategies for regaining control of your enterprise from as many persistent and advanced threats that are targeting you, with as
little mitigated
harm to your operations, and as much
desired
damage to the morale of your threats and adversaries as possible.

This guide has plenty of fear, uncertainty, and doom (FUD), since today everyone is a target—whether you are a stakeholder of an enterprise, a professional, or a member of the family of a professional. In today’s world, everyone is a desired target, and the threats range from the casual, curious hacker all the way up to the highly skilled state-sponsored hacker.

Finally, keep in mind that some of the acronyms used in this book have connections to military or government vernacular or terminology, as most of us come from a Department of Defense, Department of Justice, or intelligence community background.

Why should you read this book? Because you have a computer connected to the Internet, and there’s valuable information, honor, and money at stake (did we mention there will be a lot of FUD in this book?).

CHAPTER