A practical guide to understanding and analyzing cyber attacks by
advanced attackers, such as nation states.

Cyber attacks are no longer the domain of petty criminals. Today,
companies find themselves targeted by sophisticated nation-state
attackers armed with the resources to craft scarily effective campaigns.
This book is a detailed guide to understanding the major players in
these cyber wars, the techniques they use, and the process of analyzing
their advanced attacks. Whether you're an individual researcher or part
of a team within a Security Operations Center (SOC), you'll learn to
approach, track, and attribute attacks to these advanced actors.

The first part of the book is an overview of actual cyber attacks
conducted by nation-state actors and other advanced organizations. It
explores the geopolitical context in which the attacks took place, the
patterns found in the attackers' techniques, and the supporting evidence
analysts used to attribute such attacks. Dive into the mechanisms of:

- North Korea's series of cyber attacks against financial institutions,
  which resulted in billions of dollars stolen
- The world of targeted ransomware attacks, which have leveraged
  nation-state tactics to cripple entire corporate enterprises with ransomware
- Recent cyber attacks aimed at disrupting or influencing national
  elections globally

The book's second part walks through how defenders can track and
attribute future attacks. You'll be provided with the tools, methods,
and analytical guidance required to dissect and research each stage of
an attack campaign. Here, Jon DiMaggio demonstrates some of the real
techniques he has employed to uncover crucial information about the 2021
Colonial Pipeline attacks, among many other advanced threats. He now
offers his experience to train the next generation of expert analysts.