Targeted cyber attacks against individuals, organizations, businesses, groups, and critical services happen every day around the globe. This book aims to tell you how attackers go about pulling off such attacks, and what you can do to protect yourself and your organization against them.
About the authors
Aditya K Sood (Ph.D) is a senior security researcher and consultant. He has research interests in malware automation and analysis, application security, secure software design and cybercrime.
Dr. Richard Enbody is an Associate Professor in the Department of Computer Science and Engineering at Michigan State University. Richard has published research in a variety of areas, but mostly in computer security and computer architecture.
Inside the book
The book starts with a chapter that explains what targeted attacks are, what their purpose is, and how they differ from advanced persistent threats (APTs), and presents the different phases attackers should go through in order to launch a successful targeted attack.
The next few chapters address each of the stages - intelligence gathering, target infection, system exploitation, data exfiltration, maintaining control and lateral movement - and enumerate and explain the tools, resources, approaches, exploitation techniques, data exfiltration mechanisms, and control software used by attackers.
You'll get a glimpse of the thought process behind the different choices that these attackers make.
Chapter 7 will show you just how easy it is to mount a targeted attack, as information, software, hosting servers, exploits, malware and other needed components can be easily purchased online.
Finally, the authors address the challenges defenders face when setting up defenses against this type of attack and the countermeasures they can employ, and dispel some of the myths and misconceptions regarding targeted attacks and malware infections.
This is a relatively short book and, consequently, doesn't go much in-depth. Not that it should - as it stands, it's ideal for novices in the cyber security field as it allows them to grasp the key elements of the topic quickly, but it can also be helpful to professionals who are just now coming face to face with the targeted attack threat.