Cybercrime and Espionage
eBook - ePub

Cybercrime and Espionage

An Analysis of Subversive Multi-Vector Threats

  1. 272 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cybercrime and Espionage

An Analysis of Subversive Multi-Vector Threats

Book details
Book preview
Table of contents
Citations

About This Book

Cybercrime and Espionage provides a comprehensive analysis of the sophisticated patterns and subversive multi-vector threats (SMTs) associated with modern cybercrime, cyber terrorism, cyber warfare and cyber espionage. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, SMTs are real and growing at an alarming pace. This book contains a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. It will educate readers on the realities of advanced, next generation threats, which take form in a variety ways.

This book consists of 12 chapters covering a variety of topics such as the maturity of communications systems and the emergence of advanced web technology; how regulatory compliance has worsened the state of information security; the convergence of physical and logical security; asymmetric forms of gathering information; seven commonalities of SMTs; examples of compromise and presence of SMTs; next generation techniques and tools for avoidance and obfuscation; and next generation techniques and tools for detection, identification and analysis.

This book will appeal to information and physical security professionals as well as those in the intelligence community and federal and municipal law enforcement, auditors, forensic analysts, and CIO/CSO/CISO.

  • Includes detailed analysis and examples of the threats in addition to related anecdotal information
  • Authors' combined backgrounds of security, military, and intelligence, give you distinct and timely insights
  • Presents never-before-published information: identification and analysis of cybercrime and the psychological profiles that accompany them

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access Cybercrime and Espionage by Will Gragido,John Pirc in PDF and/or ePUB format, as well as other popular books in Ciencia de la computación & Ciberseguridad. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Syngress
Year
2011
ISBN
9781597496148
Topic
Ciencia de la computación
Subtopic
Ciberseguridad
1
Cybercrime and Espionage and the New Security 101

Information in this chapter

He Who Does Not Prevent a Crime When He Can, Encourages It
What’s Old Is New Again
A Changing World
Cybercriminal Statistics: U.S. and Abroad
The Statistics of Cybercrime
Separating the Wheat from the Chaff: Qualifying Amateurs and Professionals
Trends in 2011
Myopic to the Catastrophic: Advanced Persistent Threats
Points of Confluence: Events That Have Shaped the Future of Privatized Cybercrime and Espionage
Agendas in Next Generation Cybercriminal Activity
The Coming Decade

Introduction

The Roman statesman Marcus Tullius Cicero (b. 106 B.C.–d. 43 B.C.) when speaking on the nature of criminality, once said that “The enemy is within the gates; it is with our own luxury, our own folly, our own criminality that we have to contend.” Put another way, Cicero had clearly identified what he believed to be the root cause for much of what ails all humanity. Cicero believed that the enemy—or the threat that comprised it—had already breached man’s defenses as a race. Perhaps, it had compromised the perimeter defenses of early man long before Cicero’s time and had firmly taken root in the ecosystem of mankind’s very existence. He clearly states that it is man’s desire toward luxury (in Cicero’s days, just as in our own, the desire for luxury was ubiquitous and the means by which some sought to achieve and maintain it were, just as they are today, less than honorable and often exploitative in the best of cases), his willingness to commit folly (his willingness to participate in, orchestrate, and execute idiocy or madness), and his criminality (which just as in Cicero’s day is today a direct result of our lack of ethics, morality, and a galvanized sense of right and wrong) that must be recognized, managed, and mastered. Failure to do so only encourages the proliferation of the behavior and the aftermath that it yields. Cicero knew this to be the case and was cautioning future generations to take heed of what was occurring within his world because if it could happen in Rome, it could, and would, happen anywhere. Cicero was a very wise man.
This quote with respect to the nature of criminality has, since the first time the authors encountered it, struck them as being both insightful and profound. Cicero had articulated in a ubiquitous manner the nature of those who willingly partake in criminal acts. Cicero’s point is simple and warrants reiteration. For Cicero, humanity (regardless of how simple or complex the society) owns its criminality and its propensity toward it.

He Who Does Not Prevent a Crime When He Can, Encourages It

Seneca, the Roman philosopher (first century A.D.), once said “He who does not prevent a crime when he can, encourages it.” In Seneca’s view inaction equated to action that ultimately encouraged (when speaking about crime) the perpetuation of criminal activity. Actions are ultimately influenced by a number of variables—some much more within the boundaries of our immediate control than others. Some are fed and fueled by our ethics and morality while others are influenced by a lack thereof. Regardless crime is, as Cicero asserts, an enemy that warrants immediate attention and the battle begins within each one of us. Criminality in all its forms ultimately comes back to man’s interpretation of law and governance and what is or is not perceived as being allowable in relation to the accepted norms set forth by law. At a primitive level, it is an extension of the struggle between that which is deemed “good” and that which is deemed “evil.” It is a terrifically powerful idea to grasp—one that forces each of us to conceptualize our own proximity to “good” and “evil” and to “right” and “wrong” while considering the idea itself with respect to its universal implications. It is an idea that transcends time and one which future generations (just as those that have come before them) will struggle against. Though this may sound inconceivable, we must bear in mind that not all is lost and that just as Cicero pointed out, the enemy is and always has been within the gates, and also that where there is life there exists hope. It is this idea that we will strive to explore, flesh out, and extol throughout the entirety of this work.
Criminal activity is a reality of the world in which we live. So too is espionage and often the two are not mutually exclusive. This is not a new concept. It is however a reccurring theme which bears repeating. One question we are often asked is whether there is any hope in combating this activity. People are curious as to whether this is possible either in the traditional sense or in those areas in which there has been a unique evolution such as that within cyberspace and the Internet—and the answer is yes, there is hope; however, it comes at a price. Moreover, it is not a trivial undertaking and should not be presented in a light that either under-emphasizes or over-aggrandizes it.
Our attitudes and approach to these challenges must evolve as well and like Cicero, we must recognize first that the enemy lies within before we begin to master those who threaten us from external vantage points. We must steel ourselves in the knowledge that we must cultivate and develop a sense of vigilance that lends itself to the development and proliferation of those who seek to combat the actions of the criminally inclined. In doing so, we encourage and enable ourselves to detect, identify, and prevent criminal activity and gain a greater degree of insight into the psychological motivations and drivers at work within these individuals and groups while enabling a more robust understanding of the tactics, strategies, and plans being executed on a global basis to accomplish their means. Never before has the world been more ripe for the taking by sophisticated entities bent on profiting at all costs, in defiance of local and international law, let alone socially accepted definitions of normative behavior associated with ethics and morality. As a result, a new breed of information security professionals must be armed and equipped with the tools necessary for addressing these adversaries and their actions.

What’s Old Is New Again

At this point in the chapter, you may be wondering just why we are discussing the philosophical aspects associated with criminality in a book dedicated to cybercrime and espionage. It is a valid question and one that requires an equally valid response. To begin with, as we have established, humanity is its own greatest threat. This is likely not a huge shock to you, the reader, if you have read any philosophy in school or turned on the evening news. However, it is important that we stress this point as it is the basis for understanding much (if not all) of what influences criminal activity. In many respects, the same root influencers are present when speaking about traditional criminal activity or next generation criminality such as that which is most often associated with cybercrime and espionage. As a result, we must diligently work to mitigate the risks associated with those behaviors, which fall into categories defined as being criminal and deviant from the norm. Equally important is our understanding that engaging in criminal activity is a choice. It is not something that just happens, though there are rare occasions when this is the case.
Throughout recorded history, human beings have achieved incredible milestones, demonstrating the superiority of our species in both evolving and adapting to our changing environment. We see this in every aspect of our world and it should come as no surprise that we excel in subverting laws and governance with the same ease and elegance as in other areas in which we continue to push the envelope of achievement. Examples of human determination and drive can be cited all the way back to the Neolithic era (roughly 10,000 years ago), when man matured from hunter-gatherer to farmer. As our societal trends and patterns continued to evolve and grow along with our natural migratory patterns, so did our technological advances. Crude implements gave way to more consistently designed and manufactured tools. Techniques and ideologies were developed to aid in ensuring bounty. While these aspects of humanity flourished (to its credit), so too did its challenges, in particular those dealing with morality, good, and evil in the eyes of the law as it existed at that time.
Evidence that this struggle existed long ago can be seen in the ancient Chaldean/Babylonian text, the Code of Hammurabi (ca. 1750 B.C.). This work, also known as the Codex Hammurabi, has some 282 laws, some with scaled degrees of severity, depending on a person’s social station. Some examples of the Code of Hammurabi are given here:
If anyone ensnares another, putting a ban upon him, but cannot prove it, then he that ensnared him shall be put to death.
If anyone brings an accusation against a man and the accused goes to the river and leaps into it and sinks, then his accuser shall take possession of his house. However, if the river proves that the accused is not guilty, and he escapes unhurt, then he who had brought the accusation shall be put to death, while he who leaped into the river shall take possession of the house that had belonged to his accuser.
If anyone brings an accusation of any crime before the elders and does not prove what he has charged, he shall, if a capital offense is charged, be put to death.
If a builder builds a house for someone, and does not construct it properly, and the house that he built falls in and kills its owner, then the builder shall be put to death. (Another variant of this is that if the owner’s son dies, then the builder’s son shall be put to death.)
If a son strikes his father, his hands shall be hewn off.
If a man gives his child to a nurse and the child dies in her hands, but the nurse unbeknown to the father and mother nurses another child, then they shall convict her of having nursed another child without the knowledge of the father and mother and her breasts shall be cut off.
If anyone steals the minor son of another, he shall be put to death.
If a man takes a woman as his wife but has no intercourse with her, then this woman is no wife to him.
If a man strikes a pregnant woman, thereby causing her to miscarry and die, then the assailant’s daughter shall be put to death.
If a man puts out the eye of an equal, his eye shall be put out.
If a man knocks the teeth out of another man, his own teeth will be knocked out.
If anyone strikes the body of a man higher in rank than he, he shall receive 60 blows with an ox-whip in public.
If a freeborn man strikes the body of another freeborn man of equal rank, he shall pay one gold mina (an amount of money).
If a slave strikes the body of a freed man, his ear shall be cut off.
If anyone commits a robbery and is caught, he shall be put to death.
If anyone opens his ditches to water his crop, but is careless, and the water floods his neighbor’s field, he shall pay his neighbor corn for his loss.
If a judge tries a case, reaches a decision, and presents his judgment in writing, and it is later discovered that his decision was in error, and that it was his own fault, then he shall pay 12 times the fine set by him in the case and be removed from the judge’s bench.
If during an unsuccessful operation a patient dies, the arm of the surgeon must be cut off.
As one can see, many of these laws were, for the time, quite relevant and arguably necessary in maintaining order in a world that was continuing to evolve though we would today frown on and discourage roughly 99% of them from a twenty-first century perspective, some of them are almost absurd, while it could be argued that others are still relevant. There are limitless examples that can be cited from the ancient times the world over, which underscore two key points: criminal behavior is neither new nor is it something to be taken lightly. As a result, developing the ability to swiftly and accurately detect criminal activity as it morphs is of paramount importance to those tasked with defending against it and sitting in judgment of the accused when the time comes to do so. Equally important is the ability for those tasked with preventing criminal activity to realize that regardless of the form in which it manifests, behaviorally it is neither new nor original.
Certain elements and factors will remain prevalent in the exploration and expansion of criminal enterprise, namely, the risk-to-reward proposition. It is for this reason that the authors and other leading researchers and analysts who devote their time and energy to studying the behavioral patterns and activities of criminal actors believe that the rise in cybercrime has increased dramatically on a global basis. As we shall see throughout the remainder of this book, the evolution revolution within the criminal underworld is squarely upon us and has been so for some time. As King Solomon once said, “What has been will be again, what has been done will be done again; there is nothing new under the sun” (Ecclesiastes 1:9, New International Version). Though debates rage within theological circles regarding the authenticity of the book (Ecclesiastes) and its attribution (authorship traditionally attributed to Solomon, King of Israel), few question the honesty and ubiquity of its message, its timelessness, and the fact that it transcends arguments related to the validity of religion and faith. The message is clear: things tend to be cyclical, and to a degree, predictable in their individual and collective states of unpredictability. Nowhere is this more the case than in the realm of information security, specifically when addressing the rise of cybercriminal activity and espionage in the twenty-first century.

A Changing World

Over the course of the last two decades, the world has become more connected than ever before. The importance of geographic disparity has become an outdated concern. It has become outdated, as distance has, in effect, died. This is largely due to the rise and viral expansion of modern data and telecommunications networks, and of course, the intoxicating allure of the Internet and World Wide Web. Never before has humanity experienced this level or degree of interconnectivity. Our collective perspective has forever been changed and there is no turning back. We are simply in too deep to consider extrication from today’s technologically infused world. To assert the contrary is akin to seeking disconnection from the human race itself. At this point in human history, it is virtually impossible, given the interdependencies and complexities associated with such a task. Our lives, our work, our ambitions, our entertainment, our finances, and our identities, like it or not, are interwoven in a web of 1s and 0s, which exist in a virtual plane of our creation.
With a click of...

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Foreword
  6. Preface
  7. Acknowledgments
  8. About the Authors
  9. 1. Cybercrime and Espionage and the New Security 101
  10. 2. Evolution Revolution
  11. 3. The Silent Killer: How Regulatory Compliance has Worsened the State of Information Security
  12. 4. Mediating the Great Divorce: The Convergence of Physical and Logical Security
  13. 5. Nonstate Sponsored Attacks: Stealing Information is Our Business… and Business is Good
  14. 6. State-Sponsored Intelligence
  15. 7. Cyber X: Criminal Syndicates, Nation States, Subnational Entities, and Beyond
  16. 8. The Rise of the Subversive Multivector Threat
  17. 9. Seven Commonalities of Subversive Multivector Threats
  18. 10. Examples of Compromise and Presence of Subversive Multivector Threats
  19. 11. Hiding in Plain Sight: Next-Generation Techniques and Tools for Avoidance and Obfuscation
  20. 12. Weapons of Our Warfare: Next-Generation Techniques and Tools for Detection, Identification, and Analysis
  21. Index