Contents
1 Introduction to Security Threats
2 The 2014–2015 Anthem Blue Cross and Blue Shield Break-In Case Study
Step 2: Picking the Right Target and Spear Phishing Them
Next Steps to Establish an Undetectable Anonymous Persistent Presence
Password Decryption Process and Equipment
Tool 1: Initial Spear-Phishing Entry Leading to the ScanBox Keystroke Logger
Tool 2: Setting Up an Anonymous Path Using Tor
Tool 3: CrowdStrike Identified Hacker Clusters, China Chopper Web-Shell Controller
CrowdStrike’s Identified Hacking Clusters
China Chopper Web Shell Controller
Types of Common Monitoring Software Employed
Looking for Derusbi Parsing Software
3 Anonymous Persistent Threats
Rivest–Shamir–Adleman (RSA) Identified Shell Crew
Kaspersky Lab Has Identified a Recent Attack Group That Identifies Its Tools as Careto: The Mask
First Principle of Code Protection: Code Isolation and Confinement
Implementation of the Four Code-Confinement Methods
Linux’s Ptrace Monitor and Systrace Routines
Employing Applications Such as Ostia or NACI
Threats to Computer Virtualization
5 Providing a Secure Architecture
Providing a Secure Architecture
Browser Isolation and Least Privilege
Spear Phishing and Behavioral Attacks
Spoofing, Digital Misrepresentation, and Mobile Security
6 The Hacker Strategy: Expanded
Lab Analysis and Learning Vulnerabilities
Basic Control of Hijacking Attacks
Advanced Hijacking Attacks: Heap Spraying
The Final Solution to Hacking Attacks
7 Malware, Viruses, Worms, Bugs, and Botnets
Botnets: Process and Components and History
A More Detailed Examination of Malware, Viruses, Trojans, and Bots/Botnets
Some Examples of Historical Worm Attacks
Code Red I and Code Red II Worms
Sneakiness and Side-Channel Attacks
Exploiting Side Channels for Stealth Scanning
Detecting Attacks and Removal Systems
Host-Based and Network-Based Intrusion Detection Systems
Network-Based Intrusion Detection Systems
Host-Based Intrusion Detection Systems
Honeypot Traps out in the Network
Statistical Anomaly and Signature-Based IDSs
Detecting Attacks and Attackers with Examples
The Problem of Detecting Attacks
What Is Another Method to Detect This Attack?
8 Cryptography and the RSA Algorithm
Data Encryption Standard and Advanced Encryption Standard
Modern Approaches for Breaking Encryption
More Cryptography, Private-Key, Public-Key Encryption, RSA Algorithm Details
9 Browser Security and Cross-Site Scripting
10 Banking Security, Zeus, and SpyEye
Risk Management Process for Banks
Online Fraud and the Impacts of Zeus and SpyEye Attacks
More Examples of Injection-Based Attacks
A Review of the ScanBox Software
12 Session Management, User Authentication, and Web Application Security
Session Management and User Authentication
Structured Query Language Injection
An SQL Injection Example: The CardSystems Solutions Attack
Example of an XSS Attack on PayPal
Session Management and User Authentication Conclusion
13 Web Security, DNS Security, and the Internet
14 Network Security and Defenses
Internet Control Message Protocol
Distributed Denial-of-Service Attacks
Cryptographic Network Protection
Physical/Link-Layer Threats: Eavesdropping
Physical/Link-Layer Threats: Spoofing
15 Network Security Protocols and Defensive Mechanisms
Layer 2: Link-Layer Connectivity of Wireless
TCP/IP Basic Layer 2–3 Security Problems
Defense Mechanisms That Can Be Employed
Several Different Protocols Then Apply to These Modes
Filtering Network Traffic at the IP Level
Firewall Stateful Packet Filtering
Two Critical Infrastructure Protocols: BGP and DNS
Infrastructure Protocols for DNS and DNSSEC
Security Principle Reference Monitors
Comparison of Mobile Platforms
Development of iOS Applications
Apple iOS versus Android Operating System Comparisons
Windows Mobile Models 7 and 8 Devices
Windows Phone OS 7.0 Security Model
.NET Code Access Security That Can Be Exploited on Windows Phones
Attack Vectors for Mobile Devices
18 Cellular Access Security: 4G LTE, Mobile WiMAX, 5G, and MIMOs
First-Generation Cellular Network
Second-Generation Cellular Network
Third-Generation Cellular Network
Goals and Objectives in Security
Boundaries and Limitations in Security
WiMAX Security, Threats, and Solutions
4G LTE Security, Threats, and Solutions
Regulatory WLAN Security Standards
Wire Lined to Wireless Transition
Corporate Background of Wireless Networks
Wireless Network Security Methods
CIA Triangle of Confidentiality, Integrity, and Availability
Security Tokens and Software Tokens
Wireless Security History, Standards, and Developments
Temporal Key Integrity Protocol (TKIP)
Extensible Authentication Protocol (EAP)
Lightweight Extensible Authentication Protocol (LEAP)
Protected Extensible Authentication Protocol (PEAP)
Wireless Transport Layer Security (WTLS)
20 The Stuxnet Worm and the Vulnerability of the U.S. Electric Power Grid
More Details of the Stuxnet Worm Used for Cyber Warfare
Path 3: Via the MS10-061 Print Spooler 0-Day Vulnerability
Path 4: Via the MS08-067 SMB Vulnerability
Response and Industrial Control Security
The Vulnerable U.S. Electronic Power Grid
Components and Operating Elements of the U.S. Electric Power Grid
Irreplaceable Large Power Transformers and Our Smart Grid Risk
Programmable Logic Controllers
Distribution Transformers and Controllers
Local PLC Inner-Loop Controller