Reverse Deception: Organized Cyber Threat Counter-Exploitation

Authors: Sean Bodmer
Tags: General, Computers, security
words of an Irish philosopher:
All that is necessary for evil to triumph is for good men to do nothing.
—Edmund Burke
     
    As you continue reading through this book, you will see many examples of persistent and advanced threats. Each one varies in depth, scope, and objectives, but overall each can be countered by learning how to interact with adversaries and threats in real time and by being able to affect their perception of your network and current state. It all depends on the lengths to which you, as a security professional, are allowed to go and on what is appropriate for that threat.
    As previously stated, all threats come in different packages and have a different look and feel. Your defense really is dependent on your organization, the laws surrounding what type of organization you work in, and your pain threshold. Some threats are menial; some are severe and need to be handled immediately. This guide will walk you through the various scenarios and provide best practices on how to handle each level of threat.

CHAPTER 2

    What Is Deception?

    Deception is an old tactic that has been used for millennia by forces around the world and throughout history. In this chapter, you will learn about some of the traditional techniques and methods commonly used by military and corporate organizations to counter threats and adversaries. This chapter shows how deception can be used as a tool to lure or push your threats into areas of your enterprise that you have prepared for proactive responses or countermeasures. It makes heavy use of military-based deception techniques, concepts, and vernacular, as most forms of formal deception were derived from military operations and constructs throughout the years.
    As you read through this chapter, you will see how deception has been used traditionally, and how the basic concepts and best practices can easily be applied to the cyber realm of advanced, organized, and persistent threats across your enterprise.

    How Does Deception Fit in Countering Cyber Threats?
From the moment I picked your book up until I laid it down, I was convulsed with laughter. Someday I intend reading it.
—Groucho Marx
There is nothing more deceptive than an obvious fact.
—Arthur Conan Doyle
     
    Simply put, deception is a technique whereby we mislead people into believing information that prompts them to behave in a way that is favorable to us, while at the same time protecting our true intentions and posture. Truth can be lies as easily as lies can be truth.
    Deceiving people and computers requires interaction with the sensory components. Sensory components can be considered any avenue by which information can be detected or received. In humans, this typically includes auditory, visual, olfactory, and electronic. Other factors that should be taken into consideration include reason, consciousness, skill level, experience, and free choice. All of these avenues can be exploited when it comes to evading detection by a human analyst or an autonomous security system.
    Resources (such as time, equipment, devices, personnel, and material) are always a consideration in crafting deception, as is the need to selectively hide the real and portray false information. Traditional military deception includes operational (manual/physical) techniques known as feints, demonstrations, ruses, displays, simulations, disguises, and portrayals.

    Six Principles of Deception
    Military Deception (MILDEC) is one of the foundations of Information Operations (aka Information Warfare). Six primary principles make up what we know as MILDEC today (from Joint Publication 3-13.4, Military Deception, “Executive Summary”):
Focus: The deception must target the adversary decision maker capable of taking the desired action(s).
Objective: The deception must cause an adversary to take (or not to take) specific actions, not just to believe certain things.
Centralized planning: MILDEC operations should be centrally planned and directed in order to achieve
