A
Adaptive Security Platform (ASP) 239
Advanced Persistent Threats (APTs) 7, 8, 11
anti-virus
growth 6
application programming interfaces (APIs) 74
applications
application whitelisting 214
APT attack
advanced 8
persistent 9
threat 9
artificial intelligence (AI) 284
attacks
authentication methods
autonomous vehicle
security issues 59, 60, 62, 63
B
biometrics
as authentication program 274
brain wave-based authentication 274
Bring Your Own Device (BYOD) 25
C
campaigns
mapping, to matrices 146, 147, 149, 150, 151
changeme.py
reference link 265
Chief Information Officer (CIO) 182
Chief Information Security Officers (CISOs) 182
Chinese APT threat groups 10
Chinese manufacturing campaign 141, 143
Command and Control (C2)
modifying 152
comment faking
compliant organizations
Computer Emergency Response Team (CERT) 7
conflicts 178
Credential Harvesting 201
cyber-attack 3
cyber attack campaigns
for coming decade 155
cyber defense
confusion 14
cyber-defense 3
cyber onslaught 88
cyber shot 15
cyber space
false flags corrupt campaign attribution 145, 146
cyberspace 2
about 166
effective strategy 185
cyber warfare
about 171
plan 165
cyber warfare campaigns
Chinese manufacturing campaign 141, 143
Indian Nuclear Plant campaign 140
The US and Libya election interference campaign 143, 144, 145
D
Data Loss Prevention (DLP) 184
data manipulation 286
Deepfakes 285
DeepFakes
about 108
defining 108
DeepMastersPrints 117
Defense Advanced Research Projects Agency (DARPA) 70
Defense Information Systems Agency (DISA) 207
defensive tooling and strategic enablers
about 197
Software-Defined Perimeter 207
demilitarized zone (DMZ) 212
democratic processes
attacking 286
Denial of service (DoS) attacks 82
Department of Defense (DoD) 7, 73
Distributed Denial of Service (DDoS) 138
distributed denial of service (DDoS) attacks 80
Distributed Denial of Service (DDS) attacks 13
drones
security 64, 66, 67, 68, 69, 70
DTrack 141
Duqu 18
dynamic firewalls (DFs) 211
E
Edge and Entity Security (EES) strategy
effective strategy, cyberspace
about 185
concepts, modifying 186
edge, defending 187, 188, 189, 190
ElasticGroovy 200
F
False Flag Operation 139
Federal Bureau of Investigation (FBI) 246
G
General Adversarial Networks (GANs) 109, 111, 113, 114, 115
Google Voice Builder
URL 122
Government Communications Headquarters (GCHQ) 15
governments
H
H8mail 225
Hash Based Message Authentication Code (HMAC) 212
hashtag
about 90
example 91, 92, 93, 94, 95, 96, 97
heartbeat-based authentication 275
Hewlett Packard Enterprises (HPE) 40
High Ground
hoaxing 156, 158, 159, 160, 161
I
Identity and Access Management (IAM) 192
identity provider (IdP) 241
impact from failure, cyber warfare
about 281
compromising healthcare 282
Industrial Control Systems 283
improvised explosive device (IED) 69
Improvised Explosive Devices (IEDs) 169
Indian Nuclear Plant campaign 140
Industrial Control Systems (ICS) 283
Infection Monkey
Infection Monkey tool
infiltration 169
influence attacks 88
influencers
Information Technology Laboratory (ITL) 188
intelligence
intelligence collection 251, 253, 254, 256
Intelligence Research Agency (IRA) 98
IoT devices
Israeli cyber group 11
L
laws
in war 261, 263, 265, 267, 268, 270, 271, 273, 276, 277, 279, 280
Local Security Authority Subsystem (LSASS) 203
M
man-in-the-middle phishing attack
eliminating 247
MasterPrinting 116
Media Access Control (MAC) 207
micro-segmentation
tools and technologies 233
millimeter wave radar (MWR) 62
Ministry of State Security (MSS) 141
mission failure 180, 182, 183, 184, 185
MITRE ATT&CK website
reference link 149
ML AKA DeepVoice
used, for hacking voice 119, 121, 122, 124
modem hacks 5
N
National Institute of Standards and Technology (NIST) 215
National Security Agency (NSA) 16
National Vulnerability Database (NVD) 59
Nation State Disinformation and Election Interference 139, 143
Nation State Espionage and Intelligence Collection 139
Nation State Industrial Espionage and Intelligence Collection 140
Nation State Industrial Espionage Campaign 139
Nation State IP Theft 139
Nation State IP Theft and Intelligence Collection Operations 141
network
network interface card (NIC) 207
NFC 46
North Korean APT threat 10
Nuclear Power Corporation of India Limited (NPCIL) 140
O
offensive swarm-enabled tactics (OFFSET) 71
offensive tooling and strategic enablers
about 217
Office of Personnel Management (OPM) 34
open source intelligence (OSINT) 219
P
Pandora 20
password
password and username paradigm 218
Payment Card Industry (PCI) 186
perimeter-based model of security
scenario, flaws 26, 28, 29, 31
Permissive Action Link (PAL) 44
Personally Identifiable Information (PII) 58
Policy Compute Engine (PCE) 239
privileged access management (PAM) 35
programmable logic controllers (PLC) 16
project completion 177
ProtonMail hack
R
remote browser isolation (RBI) 243
Russian APT threat 10
S
Sambacry 199
Secure Sockets Layer (SSL) 39
Security Information and Event Management (SIEM) 182
security operations center (SOC) 242
Security Technical Implementation Guide (STIG) 279
session hijacking 251
ShellShock 200
Single Sign-On (SSO) 203
SNAP_R attack
running 226
SNAP_R (Social Network Automated Phishing with Reconnaissance) 225
Software-Defined Data Center (SDDC) 234
Software-Defined Networking (SDN)
about 233
Software-Defined Perimeter (SDP) 207, 208, 211, 213
application binding 211
device validation 210
dynamic firewalls (DFs) 211
mutual transport layer security 210
single packet authorization 209
speed to market
standard network security practices 184
STIG-suggested configurations
reference link 279
Strategic Air Command (SAC) 44
strategic plan 167
issue 171
nature of combat 168
Struts2 200
T
tactics, techniques, and procedures (TTPs) 153
Text-To-Speech (TTS) 122
The US and Libya election interference campaign 143, 144
threat actors
combining with tactics, for optimizing attack effectiveness 71, 72, 73, 74, 75
threat groups
attribution, avoiding intentionally 151, 153, 154
Tit-for-Tat cyber warfare 19
Transport Layer Security (TLS) 39, 41
Transport Layer Security (TLS) 210
Trin00 80
Triton 18
Turla APT group 150
two-factor authentication (2FA) 244
U
Unified Endpoint Management (UEM) 241
US and allied cyber defense
user activity monitoring (UAM) 253
V
Virtual Enforcement Node (VEN) 239
virtual private network (VPN)
protocols 37
voice
hacking, with ML AKA DeepVoice 119, 121, 122, 124
voice and ambient noise authentication 275, 276
W
Waterbug 150
WebLogic 200
WhatBreach
about 219
APIs 220
features 221
websites 220
Windows Filtering Platform (WFP) 239
Z
ZigBee 46