Reverse Deception Organized Cyber Threat Counter-Exploitation (Paperback)

A complete guide to understanding and fighting advanced persistent threats—today's most destructive risk to enterprise security

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today's well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.

Reverse Deception: Organized Cyber Threat Counter-Exploitation features:

• Full coverage of the #1 feared type of network attack today, the APT
• Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
• Enthralling case studies and true stories from the authors' FBI, DOD, NSA, and private sector work
• Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
• Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
• Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
• A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
• Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations

Coverage includes:
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics

一本完整指南，幫助理解和對抗高級持續性威脅——當今對企業安全最具破壞性的風險。

《反欺騙：組織化網絡威脅對抗》解釋了如何識別高級持續性威脅（APTs），根據風險級別對其進行分類，並通過應用經驗豐富、經過實地測試的私營和政府部門方法（NSA、FBI和DOD）來優先採取行動。APTs無法被看見，它們在企業網絡中隱藏並繼續存在，不被檢測到。在這本獨一無二的書中，作者們解釋了如何領先於當今組織化且極具持續性的網絡敵人。該書描述了惡意軟件和僵屍網絡的特徵，以及它們如何變形、逃避檢測並產生在網絡中的假象，同時看起來已經被清理和調試。然後，這本詳細的指南揭示了如何檢測惡意代碼的出現，解碼它們來源的敵人類型，最終如何提取惡意代碼並阻止其未來進入網絡。

《反欺騙：組織化網絡威脅對抗》的特點包括：
- 全面介紹當今最令人擔憂的網絡攻擊類型，即APTs
- 描述在美國和國際上看到的網絡間諜戰術，並比較在美國和亞洲與歐洲、中東和非洲等不那麼嚴格的國家允許的對策類型
- 作者在FBI、DOD、NSA和私營部門工作中的引人入勝的案例研究和真實故事
- 前言由Fred Feer撰寫，他在美國陸軍反情報、中央情報局、RAND和獨立咨詢方面擁有40年的安全專業經驗
- 對網絡領域中欺騙、反欺騙、行為分析和安全的全面覆蓋
- 來自頂尖玩家的貓鼠戰略，解釋如何對抗各種引誘對手的入侵威脅，實施欺騙和虛假信息技術
- 對成功對抗當前數字威脅的創新、經過實地測試的想法提供新的觀點，以及未來威脅的預期特徵
- 對協助執法調查的能力、限制和要求的法律解釋

內容包括：歷史上的欺騙到現在；網絡反情報的應用和目標；犯罪心理學的任務和結果；欺騙的法律和道德方面；攻擊技巧；操作性欺騙；工具、戰術和程序；攻擊歸因；黑帽動機；了解高級持續性威脅；何時行動以及何時不行動；實施和驗證策略。