We have all been witnessing new kinds of attacks emerging thanks to new technologies and ways of using our computers and networks. The use of social media, an increasingly mobile workforce, cloud computing - these are just a few of the latest trends that increase the possibility of being breached. This book explains them all and gives you insight into the techniques and mindset of today's attackers.
About the authors
Nitesh Dhanjani is a well known information security researcher and speaker. He is the author of many books about hacking and computer security, and is Senior Manager in the Advisory practice At Ernst and Young.
Billy Rios is a security engineer and used to be a penetration tester for both VeriSign and Ernst and Young. He made his living by outsmarting security teams, bypassing security measures, and demonstrating the business risk of security exposures.
Brett Hardin is a Security Research Lead with McAfee. Before that, he was a penetration tester for Ernst and Young's Advanced Security Center assessing web application and intranet security for Fortune 500 companies.
Inside the book
If there is one adjective that fits all successful cyber attackers, it's "resourceful". They dig up information through any means they can find and use it effectively to reach their goal. Whether the reason behind the attack is vengeance, fame, political or plain, old fashion greed, they always seem to be one step ahead of the defenders.
But, that is not exactly true - for every attack that succeeds, there are hundreds or thousands that fail. And most of the time, they fail because they have come up against people who have knowledge about which attack vectors are likely to be deployed against a network and then securing it against them.
This book covers a lot of ground. It starts with enlightening us about the myriad of ways an attacker can gather information needed to execute the attack: dumpster giving, social engineering, scouring the social networks for information, etc.
Everyone should be made aware that the old division between trusted and untrusted zones and individuals can no longer be applied, that network protocols offer many dangers because they are were not built with security in mind and that every application has at least one vulnerability that can be exploited. It is not necessary for everyone to know how to fix these problems, but in this case, a little paranoia goes a long way.
There are all these helpful and wonderful tools and technologies out there, and we use them every day to work and play and run errands. This book gives us an insight into all the bad things that can happen - so that we can make sure they don't.
Hacking: The Next Generation is an extremely thorough, enjoyable and easy read. The authors aimed the book at anyone interested in learning the techniques that attackers use presently. I would say that it should be read by everybody whose work depends on computers - well, at least some of the chapters.
It says everything it should without the endless repeating and rephrasing so that readers would understand the concept, because it was so clearly explained the first time. This is a book that will get and keep your attention, and a must-read book for everyone dealing with computer and information security.