Network Attacks and Exploitation
eBook - ePub

Network Attacks and Exploitation

A Framework

Matthew Monte

  1. English
  2. ePUB (handyfreundlich)
  3. Über iOS und Android verfügbar
eBook - ePub

Network Attacks and Exploitation

A Framework

Matthew Monte

Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben

Über dieses Buch

Incorporate offense and defense for a more effective network security strategy

Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals.

Assaults and manipulation of computer networks are rampant around the world. One of the biggest challenges is fitting the ever-increasing amount of information into a whole plan or framework to develop the right strategies to thwart these attacks. This book clears the confusion by outlining the approaches that work, the tools that work, and resources needed to apply them.

  • Understand the fundamental concepts of computer network exploitation
  • Learn the nature and tools of systematic attacks
  • Examine offensive strategy and how attackers will seek to maintain their advantage
  • Understand defensive strategy, and how current approaches fail to change the strategic balance

Governments, criminals, companies, and individuals are all operating in a world without boundaries, where the laws, customs, and norms previously established over centuries are only beginning to take shape. Meanwhile computer espionage continues to grow in both frequency and impact. This book will help you mount a robust offense or a strategically sound defense against attacks and exploitation. For a clear roadmap to better network security, Network Attacks and Exploitation is your complete and practical guide.

Häufig gestellte Fragen

Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist Network Attacks and Exploitation als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu Network Attacks and Exploitation von Matthew Monte im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Computer Science & Cyber Security. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.

Information

Verlag
Wiley
Jahr
2015
ISBN
9781118987230
Auflage
1
Thema
Computer Science
Thema
Cyber Security

Chapter 1
Computer Network Exploitation

A computer once beat me at chess, but it was no match for me at kickboxing.
—Emo Philips
Since Sun Tzu's The Art of War, historians and analysts have searched for guiding theories and principles of conflict. Their purpose was not always to create some academic treatise to be beheld or to provide an endless stream of pithy quotes for marketing presentations. Rather, in exploring the principles of conflict, the goal is to confer an advantage in training, planning, research and development, execution, and defense—in short, to increase the efficiency and effectiveness of a fighting force in all aspects.
Information systems are a new area of conflict; one in which the incursions are virtual and the violations of sovereignty are abstracted. Yet the stakes are tangible. There may be no land involved, but both sides seek to attack and protect a territory and property.
Information systems are integrated into all aspects of the global economy and modern nation-states. Of course, there is e-mail and the Web, but less visible are the inventory, ordering, and payment systems that drive business. You barely notice when the grocery store prints out coupons based on your shopping habits, while simultaneously noting the inventory loss for later restocking. All this data is shared over a network and stored in a data center in…well…you actually have no idea. Yet this unseen database can reveal not only your favorite item from aisle 10, but also whether you are married, have kids, own pets, like to drink, or are out of town right now.
Now the flavor of ice cream you prefer may not be much of a secret worth stealing, but there is a wealth of information that is. Interested in how to log in to a bank by spoofing someone's supposedly secure login token? Looking to know which of your neighbors are dissidents and are “inciting subversion of the state”? Curious about what an aspiring U.S. vice presidential candidate writes in e-mails? Do you find the source code to the computer systems on the F-35 Joint Strike Fighter appealing? My mint chocolate chip preference is the only untouched thing on this list; though that too is questionable.
Given the huge potential economic and military benefits of acquiring this information, it's no surprise that the act of stealing computer information has become a well-funded profession. And like any profession, it has developed its own set of terminology. So before getting too deep, let's start with the basics.
Computer Network Exploitation (CNE) is computer espionage, the stealing of information. It encompasses gaining access to computer systems and retrieving data. An old analogy is that of a cold war spy who picks the lock on a house, sneaks in, takes pictures of documents with his secret camera, and gets out without leaving a trace. A more modern analogy would be a drone that invades a hostile country's airspace to gather intelligence on troop strength.
Computer Network Attack (CNA) is akin to a traditional military attack or sabotage. It applies the four D's of “disrupt, deny, degrade, or destroy” to computer networks. Now, the cold war spy smashes a few artifacts as he leaves or maybe Fight Club-style, he introduces a gas leak so that the whole place explodes sometime later. Meanwhile, the drone rains hellfire missiles. CNA is the computer equivalent. It describes actions and effects that range from the subtle to the catastrophic.
Non-kinetic Computer Network Attack is a term this book uses to describe the subset of CNA conducted virtually, that is, any disruption, denial, degradation, or destruction initiated and performed via computers or computer networks. Although sending a missile into a data center is a rather effective form of CNA that fits well within the definition, physically initiated acts are outside the scope of this book.
Non-kinetic CNA therefore describes damage with virtual causes; though there very well may be physical effects. To continue with the analogy, instead of breaking anything, the spy remotely shuts off the heat during an extremely cold night causing the water pipes to burst. The cause was virtual, but the effect was not.
Computer Network Defense (CND) is protecting your networks from being exploited or attacked. It's the locks, doors, walls, and windows on the house and the police officer that walks by once a day on her beat, or the radar sweeps and antiaircraft missile systems that line the border.
Like CNA, there are both physical and virtual aspects to CND, but the term generally applies only to virtual security and is therefore used that way in this book.
Finally, Computer Network Operations (CNO) is the umbrella term that is composed of all the previous terms: Computer Network Exploitation (CNE), Computer Network Attack (CNA), and Computer Network Defense (CND).
CNE is the key subject necessary for understanding all aspects of the topic. As shown in Figure 1.1, the effective parts of each discipline are rooted in CNE.
image
Figure 1.1 CNO disciplines
Effective non-kinetic CNA requires at least a measure of access to the target. Generally, the more access you have, the wider the range of options available. With minimal access, you might temporarily take a website offline. With extensive access, you can erase the data on tens of thousands of computers and take the company down for a week, as was done to the oil company Saudi Aramco, allegedly by Iran.
CND, or defense, does not rely directly on CNE (at least not while it remains illegal to counterattack), but trying to craft a successful network defense without understanding the offense is like trying to design a flak jacket without any knowledge of ballistics. Either way, the exercise is going to end with something full of holes.
CNE is central and therefore worth formally defining. The U.S. Department of Defense defines CNE as
Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks.
Joint Publication 3-13
The first thing to note is that CNE is directed. There is a “target or adversary.” This is a differentiating factor. Many a computer worm or virus, such as Michelangelo, Code Red, Melissa, or SQL Slammer, has gained access to computer systems. And yet, these infections were not CNE because there was no intended target and no intent to gather information.
An indiscriminate worm is more like the flu. There is no conscious choice of victim, and whether a particular person gets sick is a combination of natural defenses, preparation, and luck. CNE is more like biological warfare, leveraged with a particular target in mind.
This is not to say that a CNE operation is always precision targeted or that it will never compromise a collateral computer. Counterexamples exist. Stuxnet was a wormlike attack that infiltrated Iranian nuclear facilities and then went on to infect other companies. Worms, like those created to exploit the Linux Shellshock vulnerability, can be leveraged to deposit backdoors in preparation for later access. Every action need not be deterministic, but on balance, the bulk of a CNE operation is intended to be focused, targeted, and invisible.
The rest of the Department of Defense's definition provides a good basis for discussion but requires one significant point of emphasis. To understand the missing nuance, you must first understand computer operations.

Operations

A CNE operation is a series of coordinated actions directed toward a target computer or network in furtherance of a mission objective. The mission objective may be anything ranging from political intelligence, design plans, company strategies, or plain-old financial information.
Let's parse this definition because several words take on different meanings in a CNE context.
The word target has an intentional duality. Whether target systems, target networks, target data, or target employees, “target” simultaneously refers to both the goal and the obstacles to reaching it. Target includes both the data you want to acquire and the forces in place to protect it.
Though the word attacker is commonly used to describe the offensive actor, the corresponding defender is notably absent from this definition. A target might defend, but it might not. A target may not even know if and when it is attacked.
Now everyone knows what a computer is, right? It's a desktop, laptop, or smartphone. True. But it's also your television, alarm system, building air conditio...

Inhaltsverzeichnis

  1. Cover
  2. Title Page
  3. Copyright
  4. Dedication
  5. About the Author
  6. About the Technical Editor
  7. Credits
  8. Acknowledgments
  9. Chapter 1: Computer Network Exploitation
  10. Chapter 2: The Attacker
  11. Chapter 3: The Defender
  12. Chapter 4: Asymmetries
  13. Chapter 5: Attacker Frictions
  14. Chapter 6: Defender Frictions
  15. Chapter 7: Offensive Strategy
  16. Chapter 8: Defensive Strategy
  17. Chapter 9: Offensive Case Studies
  18. Epilogue
  19. Appendix: Attack Tools
  20. References
  21. Bibliography
  22. End User License Agreement
Zitierstile für Network Attacks and Exploitation

APA 6 Citation

Monte, M. (2015). Network Attacks and Exploitation (1st ed.). Wiley. Retrieved from https://www.perlego.com/book/993919/network-attacks-and-exploitation-a-framework-pdf (Original work published 2015)

Chicago Citation

Monte, Matthew. (2015) 2015. Network Attacks and Exploitation. 1st ed. Wiley. https://www.perlego.com/book/993919/network-attacks-and-exploitation-a-framework-pdf.

Harvard Citation

Monte, M. (2015) Network Attacks and Exploitation. 1st edn. Wiley. Available at: https://www.perlego.com/book/993919/network-attacks-and-exploitation-a-framework-pdf (Accessed: 14 October 2022).

MLA 7 Citation

Monte, Matthew. Network Attacks and Exploitation. 1st ed. Wiley, 2015. Web. 14 Oct. 2022.