Reverse Deception: Organized Cyber Threat Counter-Exploitation

Sean M. Bodmer CISSP® CEH® Sean M. Bodmer is Director of Federal and Military Programs at Savid Corporation, Inc. Sean is an active Honeynet researcher specializing in the analysis of signatures, patterns, and behaviors of malware and attackers. Most notably he has spent several years leading the operations and analysis of advanced intrusion detection systems (honeynets) where the motives and intent of attackers and their tools can be captured and analyzed in order to generate actionable intelligence to further protect customer networks. Sean has worked in various Systems Security Engineering roles for various federal government entities and private corporations over the past decade in the Washington D.C. Metro area. Sean has lectured across the United States at industry conferences such as DEFCON, PhreakNIC, DC3, NW3C, Carnegie Mellon CERT, and the Pentagon Security Forum all covering the aspects of attack and attacker assessment profiling in order to identify the true motivations and intent behind cyber attacks.Gregory Carpenter, CISM, has earned numerous professional awards including the Joint Task Force for Global Network Operations Officer of the Quarter, recognition in the Who's Who in International Business, and serves on the U.S. Government's Cross Domain Solution Working Group, the Joint Wireless Working Group, and many others. As Team Chief of Information Operations, He develops plans and oversees the use of full -spectrum Information Operations which includes Computer Network Operations, Electronic Warfare, Operations Security, Psychological Operation and Military Deception in support of military and National Objectives. He develops, reviews and proposes Military Operational and & National Policy strategies for Cyber Operations. He has received numerous professional awards, including the prestigious National Security Agency Military Performer of the Year in 2007 and the Joint Task Force for Global Network Operations Officer of the Quarter, 2nd Qtr 2006. He was recognized in Who's Who in International Business in 1997 the same year he was the 1st US Army Non-Commissioned officer of the Year (1st Runner-up).Jade Anton Jones, J.D., has 15 years practice experience: areas of expertise include Information Operations and Space Law. He is a civilian with the Department of Defense and a Navy JAG Commander in the Reserves.

In-depth counterintelligence tactics to fight cyber-espionage"A comprehensive and unparalleled overview of the topic by experts in the field."-- SlashdotExpose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs) using the tested security techniques and real-world case studies featured in this one-of-a-kind guide. Reverse Deception: Organized Cyber Threat Counter-Exploitation shows how to assess your network's vulnerabilities, zero in on targets, and effectively block intruders. Discover how to set up digital traps, misdirect and divert attackers, configure honeypots, mitigate encrypted crimeware, and identify malicious software groups. The expert authors provide full coverage of legal and ethical issues, operational vetting, and security team management.Establish the goals and scope of your reverse deception campaignIdentify, analyze, and block APTsEngage and catch nefarious individuals and their organizationsAssemble cyber-profiles, incident analyses, and intelligence reportsUncover, eliminate, and autopsy crimeware, trojans, and botnetsWork with intrusion detection, anti-virus, and digital forensics toolsEmploy stealth honeynet, honeypot, and sandbox technologiesCommunicate and collaborate with legal teams and law enforcement

This is the first book dedicated to understanding and fighting advanced persistent threats, today's most pernicious, most feared, but least understood risk to enterprise security.

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

Ch 1. IntroductionCh 2. Deception Throughout History to TodayCh 3. The Applications & Goals of Cyber CounterintelligenceCh 4. The Missions and Outcomes of Criminal ProfilingCh 5. Legal & Ethical Aspects of DeceptionCh 6. Attack TradecraftCh 7. Operational DeceptionCh 8. Tools, Tactics & ProceduresCh 9. Attack AttributionCh 10. Black Hat MotivatorsCh 11. Understanding Advanced Persistent ThreatsCh 12. When To & When Not To ActCh 13. Implementation & Validation TacticsReferencesAppendices