The Art of Cyberwarfare: An Investigator's Guide to Espionage, Ransomware, and Organized Cybercrime (Paperback)

Dimaggio, Jon

  • 出版商: No Starch Press
  • 出版日期: 2022-04-26
  • 定價: $1,440
  • 售價: 9.5$1,368
  • 貴賓價: 9.0$1,296
  • 語言: 英文
  • 頁數: 241
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1718502141
  • ISBN-13: 9781718502147
  • 相關分類: 資訊安全
  • 立即出貨 (庫存 < 3)

買這商品的人也買了...

商品描述

A practical guide to understanding and analyzing cyber attacks by advanced attackers, such as nation states.

Cyber attacks are no longer the domain of petty criminals. Today, companies find themselves targeted by sophisticated nation state attackers armed with the resources to craft scarily effective campaigns. This book is a detailed guide to understanding the major players in these cyber wars, the techniques they use, and the process of analyzing their advanced attacks. Whether you're an individual researcher or part of a team within a Security Operations Center (SoC), you'll learn to approach, track, and attribute attacks to these advanced actors.

The first part of the book is an overview of actual cyber attacks conducted by nation-state actors and other advanced organizations. It explores the geopolitical context in which the attacks took place, the patterns found in the attackers' techniques, and the supporting evidence analysts used to attribute such attacks. Dive into the mechanisms of:

- North Korea's series of cyber attacks against financial institutions, which resulted in billions of dollars stolen

- The world of targeted ransomware attacks, which have leveraged nation state tactics to cripple entire corporate enterprises with ransomware

- Recent cyber attacks aimed at disrupting or influencing national elections globally

The book's second part walks through how defenders can track and attribute future attacks. You'll be provided with the tools, methods, and analytical guidance required to dissect and research each stage of an attack campaign. Here, Jon DiMaggio demonstrates some of the real techniques he has employed to uncover crucial information about the 2021 Colonial Pipeline attacks, among many other advanced threats. He now offers his experience to train the next generation of expert analysts.

商品描述(中文翻譯)

一本實用指南,旨在理解和分析由國家級攻擊者(如國家)發起的網絡攻擊。

如今,網絡攻擊已不再是小偷小摸的領域。如今,公司發現自己成為受到資源豐富、能夠製造極其有效攻擊的國家級攻擊者的目標。本書詳細介紹了這些網絡戰爭中的主要角色、他們使用的技術以及分析他們的高級攻擊的過程。無論您是個人研究人員還是安全運營中心(SoC)團隊的一員,您都將學習如何處理、追蹤和歸因這些高級攻擊。

本書的第一部分是對由國家級攻擊者和其他高級組織進行的實際網絡攻擊的概述。它探討了攻擊發生的地緣政治背景、攻擊者技術中的模式以及分析人員用於歸因此類攻擊的支持證據。深入了解以下機制:

- 北韓對金融機構發起的一系列網絡攻擊,導致數十億美元被盜
- 針對整個企業癱瘓的有針對性勒索軟件攻擊,利用了國家級戰術
- 最近針對全球國家選舉進行的網絡攻擊,旨在干擾或影響選舉

本書的第二部分介紹了如何追蹤和歸因未來的攻擊。您將獲得所需的工具、方法和分析指導,以解剖和研究攻擊活動的每個階段。在這裡,Jon DiMaggio展示了他用於揭示2021年Colonial Pipeline攻擊等許多高級威脅的真實技術。他現在將自己的經驗提供給培訓下一代專業分析師。

作者簡介

Jon DiMaggio is the chief security strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. As a specialist in enterprise ransomware attacks and nation-state intrusions, including the world's first ransomware cartel and the infamous Black Vine cyberespionage group, he has exposed the criminal organizations behind major ransomware attacks, aided law enforcement agencies in federal indictments of nation-state attacks, and discussed his work with The New York Times, Bloomberg, Fox, CNN, Reuters, and Wired. You can find Jon speaking about his research at conferences such as RSA and Blackhat.

作者簡介(中文翻譯)

Jon DiMaggio是Analyst1的首席安全策略師,擁有超過15年的經驗,專注於追蹤、研究和撰寫關於高級網絡威脅的文章。作為企業勒索軟體攻擊和國家級入侵的專家,包括世界上第一個勒索軟體卡特爾和臭名昭著的Black Vine網絡間諜組織,他揭露了主要勒索軟體攻擊背後的犯罪組織,協助执法机构对国家级攻击进行联邦起诉,并与《纽约时报》、彭博社、福克斯、CNN、路透社和《连线》等媒体讨论了他的工作。您可以在RSA和Blackhat等会议上听到Jon关于他的研究的演讲。