Cyberjutsu presents a practical cybersecurity field guide based on the techniques, tactics, and procedures (TTPs) of the ancient ninja. Author Ben McCarty, a cyber warfare specialist and former NSA developer, analyzes once-secret Japanese scrolls, drawing parallels to modern infosec concepts to provide unique insights on defensive and offensive security. He translates the training methodologies of Japan’s most notorious covert agents—history’s first advanced persistent threat (APT)—into highly effective practices for countering information warfare, espionage, supply-chain attacks, zero-day exploits, and more.

Each chapter examines one TTP in detail—like assessing gaps in a target’s defense, striking where the enemy is negligent, and mastering the art of invisibility—and explains what the concept can teach us about the current cybersecurity landscape. McCarty recommends in-depth mitigations and security controls, mapped to the NIST 800-53 standard, and a “Castle Theory Thought Exercise” that helps you apply the ancient lesson to protect your castle (network) from enemy ninja (cyber threat actors). You’ll discover the effectiveness of ancient social engineering strategies and trap-based security controls; see why mapping your network like an adversary gives you the advantage; and apply lessons from old-world tools, like the “ninja ladder,” to prevent attacks.

Topics also include:

• Threat modeling, threat intelligence, and targeted controls
• Countermeasures like network sensors, time-based controls, air gaps, and improved authentication protocols
• Profiles of insider threats, and ways to recognize them in employees
• Covert communication TTPs and their implications for malware command and control (C2)
• Methods for detecting attackers, preventing supply-chain attacks, and defending against zero-day exploits

In this book, you’ll see the astonishing power of ninja information-gathering processes—and how adopting them just might be the key to innovating contemporary cybersecurity models.

Table of Contents

  1. Title Page
  2. Copyright
  3. Dedication
  4. About the Author
  5. Foreword
  6. Acknowledgments
  7. Introduction
    1. About This Book
    2. A Note on the Castle Theory Thought Exercises
    3. For Future Use
    4. A Ninja Primer
    5. The Historical Ninja
    6. The Ninja Scrolls
    7. Ninja Philosophy
    8. Ninja Techniques
  8. Chapter 1: Mapping Networks
    1. Understanding Network Maps
    2. Collecting Intelligence Undetected
    3. Creating Your Map
    4. Recommended Security Controls and Mitigations
    5. Debrief
  9. Chapter 2: Guarding with Special Care
    1. Understanding Attack Vectors
    2. The Concept of Guarding
    3. Guarding Within a Cybersecurity Framework
    4. Threat Modeling
    5. Using Threat Modeling to Find Potential Attack Vectors
    6. Recommended Security Controls and Mitigations
    7. Debrief
  10. Chapter 3: Xenophobic Security
    1. Understanding Anti-Privilege
    2. The Problem with Interoperability and Universal Standards
    3. Developing Unique Characteristics for Your Environment
    4. Recommended Security Controls and Mitigations
    5. Debrief
  11. Chapter 4: Identification Challenge
    1. Understanding Authentication
    2. Developing Matched-Pair Authenticators
    3. Recommended Security Controls and Mitigations
    4. Debrief
  12. Chapter 5: Double-Sealed Password
    1. A Concealed 2-Step Authentication
    2. Developing Double-Sealed Passwords
    3. Recommended Security Controls and Mitigations
    4. Debrief
  13. Chapter 6: Hours of Infiltration
    1. Understanding Time and Opportunities
    2. Developing Time-Based Security Controls and Anomaly Detectors
    3. Recommended Security Controls and Mitigations
    4. Debrief
  14. Chapter 7: Access to Time
    1. The Importance of Time
    2. Keeping Time Confidential
    3. Determine Your Baseline
    4. Assess Technical Capability
    5. Establish Policy
    6. Recommended Security Controls and Mitigations
    7. Debrief
  15. Chapter 8: Tools
    1. Living Off the Land
    2. Securing Tools
    3. Recommended Security Controls and Mitigations
    4. Debrief
  16. Chapter 9: Sensors
    1. Identifying and Detecting Threats with Sensors
    2. Better Sensors
    3. Recommended Security Controls and Mitigations
    4. Debrief
  17. Chapter 10: Bridges and Ladders
    1. Network Boundary Bridging
    2. Countering Bridges
    3. Recommended Security Controls and Mitigations
    4. Debrief
  18. Chapter 11: Locks
    1. Physical Security
    2. Improving Locks
    3. Recommended Security Controls and Mitigations
    4. Debrief
  19. Chapter 12: Moon on the Water
    1. Social Engineering
    2. Defenses Against Social Engineering
    3. Recommended Security Controls and Mitigations
    4. Debrief
  20. Chapter 13: Worm Agent
    1. Insider Threats
    2. A New Approach to Insider Threats
    3. Recommended Security Controls and Mitigations
    4. Debrief
  21. Chapter 14: Ghost on the Moon
    1. Implants
    2. Protections from Implants
    3. Recommended Security Controls and Mitigations
    4. Debrief
  22. Chapter 15: The Art of the Fireflies
    1. Attribution
    2. Approaches to Handling Attribution
    3. Recommended Security Controls and Mitigations
    4. Debrief
  23. Chapter 16: Live Capture
    1. Live Analysis
    2. Confronting Live Threats
    3. Recommended Security Controls and Mitigations
    4. Debrief
  24. Chapter 17: Fire Attack
    1. Destructive Cyber Attacks
    2. Safeguards from (Cyber) Fire Attacks
    3. Recommended Security Controls and Mitigations
    4. Debrief
  25. Chapter 18: Covert Communication
    1. Command and Control Communication
    2. Controlling Coms
    3. Recommended Security Controls and Mitigations
    4. Debrief
  26. Chapter 19: Call Signs
    1. Operator Tradecraft
    2. Detecting the Presence of Call Signs
    3. Recommended Security Controls and Mitigations
    4. Debrief
  27. Chapter 20: Light, Noise, and Litter Discipline
    1. Cyber Light, Noise, and Litter
    2. Detection Discipline
    3. Recommended Security Controls and Mitigations
    4. Debrief
  28. Chapter 21: Circumstances of Infiltration
    1. Adversarial Opportunity
    2. Adversarial Adversity
    3. Recommended Security Controls and Mitigations
    4. Debrief
  29. Chapter 22: Zero-Days
    1. Zero-Day
    2. Zero-Day Defense
    3. Recommended Security Controls and Mitigations
    4. Debrief
  30. Chapter 23: Hiring Shinobi
    1. Cybersecurity Talent
    2. Talent Management
    3. Recommended Security Controls and Mitigations
    4. Debrief
  31. Chapter 24: Guardhouse Behavior
    1. Security Operations Center Issues and Expectations
    2. Influencing Behavior
    3. Recommended Security Controls and Mitigations
    4. Debrief
  32. Chapter 25: Zero-Trust Threat Management
    1. Threat Opportunity
    2. Blocking the Suspicious
    3. Recommended Security Controls and Mitigations
    4. Debrief
  33. Chapter 26: Shinobi Tradecraft
    1. Techniques, Tactics, and Procedures
    2. Pyramid of Pain
    3. ATT&CK Framework
    4. Threat Intelligence
    5. Cyber Threat Intelligence
    6. Recommended Security Controls and Mitigations
    7. Debrief
  34. Endnotes
    1. Chapter 1, Mapping Networks
    2. Chapter 2, Guarding with Special Care
    3. Chapter 3, Xenophobic Security
    4. Chapter 4, Identification Challenge
    5. Chapter 5, Double-Sealed Password
    6. Chapter 6, Hours of Infiltration
    7. Chapter 7, Access to Time
    8. Chapter 8, Tools
    9. Chapter 9, Sensors
    10. Chapter 10, Bridges and Ladders
    11. Chapter 11, Locks
    12. Chapter 12, Moon on the Water
    13. Chapter 13, Worm Agent
    14. Chapter 14, Ghost on the Moon
    15. Chapter 15, The Art of the Fireflies
    16. Chapter 16, Live Capture
    17. Chapter 17, Fire Attack
    18. Chapter 18, Covert Communication
    19. Chapter 19, Call Signs
    20. Chapter 20, Light, Noise, and Litter Discipline
    21. Chapter 21, Circumstances of Infiltration
    22. Chapter 22, Zero-Days
    23. Chapter 23, Hiring Shinobi
    24. Chapter 24, Guardhouse Behavior
    25. Chapter 25, Zero-Trust Threat Management
    26. Chapter 26, Shinobi Tradecraft
  35. Index