Targeted Cyber Attacks

Book description

Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes its profile.

Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of directed attacks and provides insight into what techniques and resources are used to stage these attacks so that you can counter them more effectively.

  • A well-structured introduction into the world of targeted cyber-attacks
  • Includes analysis of real-world attacks
  • Written by cyber-security researchers and experts

Table of contents

  1. Cover image
  2. Title page
  3. Copyright
  4. A Few Words About Targeted Cyber Attacks
  5. Acknowledgments
  6. About the Authors
  7. Overview
  8. Chapter 1. Introduction
    1. References
  9. Chapter 2. Intelligence Gathering
    1. 2.1 Intelligence Gathering Process
    2. 2.2 OSINT, CYBINT, and HUMINT
    3. 2.3 OSNs: A Case Study
    4. References
  10. Chapter 3. Infecting the Target
    1. 3.1 Elements Used in Incursion
    2. 3.2 Model A: Spear Phishing Attack: Malicious Attachments
    3. 3.3 Model B: Spear Phishing Attack: Embedded Malicious Links
    4. 3.4 Model C: Waterholing Attack
    5. 3.5 Model D: BYOD as Infection Carriers: USB
    6. 3.6 Model E: Direct Incursion: Network Exploitation
    7. References
  11. Chapter 4. System Exploitation
    1. 4.1 Modeling Exploits in Targeted Attacks
    2. 4.2 Elements Supporting System Exploitation
    3. 4.3 Defense Mechanisms and Existing Mitigations
    4. 4.4 Anatomy of Exploitation Techniques
    5. 4.5 Browser Exploitation Paradigm
    6. 4.6 Drive-By Download Attack Model
    7. 4.7 Stealth Malware Design and Tactics
    8. References
  12. Chapter 5. Data Exfiltration Mechanisms
    1. 5.1 Phase 1: Data Gathering Mechanisms
    2. 5.2 Phase 2: Data Transmission
    3. References
  13. Chapter 6. Maintaining Control and Lateral Movement
    1. 6.1 Maintaining Control
    2. 6.2 Lateral Movement and Network Reconnaissance
    3. References
  14. Chapter 7. Why Targeted Cyber Attacks Are Easy to Conduct?
    1. 7.1 Step 1: Building Targeted Attack Infrastructure
    2. 7.2 Step 2: Exploring or Purchasing Stolen Information About Targets
    3. 7.3 Step 3: Exploits Selection
    4. 7.4 Step 4: Malware Selection
    5. 7.5 Step 5: Initiating the Attack
    6. 7.6 Role of Freely Available Tools
    7. References
  15. Chapter 8. Challenges and Countermeasures
    1. 8.1 Real-Time Challenges
    2. 8.2 Countermeasures and Future Developments
    3. References
  16. Chapter 9. Conclusion
    1. References
  17. Abbreviations

Product information

  • Title: Targeted Cyber Attacks
  • Author(s): Aditya Sood, Richard Enbody
  • Release date: April 2014
  • Publisher(s): Syngress
  • ISBN: 9780128006191