Network Attacks and Exploitation: A Framework

Incorporate offense and defense for a more effective network security strategy Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the biggest challenges is fitting the ever-increasing amount of information into a whole plan or framework to develop the right strategies to thwart these attacks. This book clears the confusion by outlining the approaches that work, the tools that work, and resources needed to apply them. Understand the fundamental concepts of computer network exploitation Learn the nature and tools of systematic attacks Examine offensive strategy and how attackers will seek to maintain their advantage Understand defensive strategy, and how current approaches fail to change the strategic balance Governments, criminals, companies, and individuals are all operating in a world without boundaries, where the laws, customs, and norms previously established over centuries are only beginning to take shape. Meanwhile computer espionage continues to grow in both frequency and impact. This book will help you mount a robust offense or a strategically sound defense against attacks and exploitation. For a clear roadmap to better network security, Network Attacks and Exploitation is your complete and practical guide.

Table of Contents:
Introduction xvii Chapter 1 Computer Network Exploitation 1 Operations 4 Operational Objectives 5 Strategic Collection 6 Directed Collection 7 Non-Kinetic Computer Network Attack (CNA) 7 Strategic Access 9 Positional Access 9 CNE Revisited 11 A Framework for Computer Network Exploitation 11 First Principles 12 Principles 12 Themes 14 Summary 15 Chapter 2 The Attacker 17 Principle of Humanity 17 Life Cycle of an Operation 18 Stage 1: Targeting 19 Stage 2: Initial Access 22 Stage 3: Persistence 24 Stage 4: Expansion 25 Stage 5: Exfiltration 26 Stage 6: Detection 26 Principle of Access 27 Inbound Access 27 Outbound Access 29 Bidirectional Access 35 No Outside Access 35 Access Summary 36 Principle of Economy 37 Time 37 Targeting Capabilities 37 Exploitation Expertise 38 Networking Expertise 38 Software Development Expertise 39 Operational Expertise 40 Operational Analysis Expertise 40 Technical Resources 41 Economy Summary 41 Attacker Structure 41 Summary 43 Chapter 3 The Defender 45 Principle of Humanity 45 Humanity and Network Layout 46 Humanity and Security Policy 47 Principle of Access 48 The Defensive Life Cycle 49 Principle of Economy 51 The Helpful Defender 53 Summary 54 Chapter 4 Asymmetries 55 False Asymmetries 56 Advantage Attacker 59 Motivation 60 Initiative 61 Focus 62 Effect of Failure 62 Knowledge of Technology 64 Analysis of Opponent 64 Tailored Software 65 Rate of Change 66 Advantage Defender 67 Network Awareness 68 Network Posture 68 Advantage Indeterminate 69 Time 69 Efficiency 70 Summary 71 Chapter 5 Attacker Frictions 73 Mistakes 74 Complexity 74 Flawed Attack Tools 75 Upgrades and Updates 77 Other Attackers 78 The Security Community 80 Bad Luck 81 Summary 81 Chapter 6 Defender Frictions 83 Mistakes 83 Flawed Software 84 Inertia 86 The Security Community 87 Complexity 89 Users 91 Bad Luck 92 Summary 92 Chapter 7 Offensive Strategy 93 Principle 1: Knowledge 95 Measuring Knowledge 96 Principle 2: Awareness 97 Measuring Awareness 98 Principle 3: Innovation 98 Measuring Innovation 99 Defensive Innovation 100 Principle 4: Precaution 101 Measuring Precaution 103 Principle 5: Operational Security 105 Minimizing Exposure 106 Minimizing Recognition 107 Controlling Reaction 108 Measuring Operational Security 109 Principle 6: Program Security 110 Attacker Liabilities 110 Program Security Costs 112 Measuring Program Security 120 Crafting an Offensive Strategy 121 Modular Frameworks 124 A Note on Tactical Decisions 126 Summary 127 Chapter 8 Defensive Strategy 129 Failed Tactics 130 Antivirus and Signature-Based Detection 130 Password Policies 132 User Training 134 Crafting a Defensive Strategy 135 Cloud-Based Security 143 Summary 145 Chapter 9 Offensive Case Studies 147 Stuxnet 148 Access 148 Economy 149 Humanity 149 Knowledge 149 Awareness 149 Precaution 150 Innovation 151 Operational Security 151 Program Security 153 Stuxnet Summary 154 Flame 154 Gauss 157 Dragonfly 159 Red October 160 APT 1 162 Axiom 164 Summary 165 Epilogue 167 Appendix Attack Tools 169 Antivirus Defeats 169 Audio/Webcam Recording 170 Backdoor 170 Bootkit 171 Collection Tools 171 Exploits 171 Fuzzer 172 Hardware-based Trojan 172 Implant 173 Keystroke Logger 173 Network Capture 173 Network Survey 173 Network Tunnel 174 Password Dumpers and Crackers 174 Packer 175 Persistence Mechanism 175 Polymorphic Code Generator 177 Rootkit 178 Screen Scraper 178 System Survey 178 Vulnerability Scanner 178 References 179 Bibliography 189 Index 193

About the Author :
MATTHEW MONTE is a security expert with 15 years experience developing computer security tools and strategies for corporations and the U.S. government. His career includes technical and leadership positions in industry and the U.S. intelligence community. He holds a Master of Engineering in Computer Science degree from Cornell University.