Targeted Cyber Attacks
by Zeljka Zorz - Friday, 1 August 2014.
Authors: Aditya Sood, Richard Enbody
Pages: 158
Publisher: Syngress
ISBN: 0128006048



Introduction

Targeted cyber attacks against individuals, organizations, businesses, groups, and critical services happen every day around the globe. This book aims to tell you how attackers go about pulling off such attacks, and what you can do to protect yourself and your organization against them.

About the authors

Aditya K Sood (Ph.D) is a senior security researcher and consultant. He has research interests in malware automation and analysis, application security, secure software design and cybercrime.

Dr. Richard Enbody is an Associate Professor in the Department of Computer Science and Engineering at Michigan State University. Richard has published research in a variety of areas, but mostly in computer security and computer architecture.

Inside the book

The book starts with a chapter explaining what targeted attacks are, what is their purpose, how they differ from advanced persistent threats (APTs), and presents the different phases attackers should go through in order to launch a successful targeted attack.

The next few chapters address each of the stages - intelligence gathering, target infection, system exploitation, data exfiltration, maintaining control and lateral movement - and enumerate and explain the tools, resources, approaches, exploitation techniques, data exfiltration mechanisms, and control software used by attackers.

You'll get a glimpse of the thought process behind the different choices that these attackers make.

Chapter 7 will show you just how easy is to mount a targeted attack as information, software, hosting servers, exploits, malware and other needed components can be easily purchased online.

Finally, the authors address the challenges defenders face when setting up defenses against this type of attacks, and countermeasures they can employ, and dispel some of the myths and misconceptions regarding targeted attacks and malware infections.

Final thoughts

This a relatively short book and, consequently, doesn't go much in-depth. Not that it should - as it stands, it's ideal for novices in the cyber security field as it allows them to grasp the key elements of the topic quickly, but can be also helpful to professionals that are just now coming face to face with the targeted attack threat.



Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //