- A
- Abagnale, Frank, 221, 223–224
- ABAP (Advanced Business Application Programming), 8
- active observations, 100
- active recon, 149–150
- Advanced Business Application Programming (ABAP), 8
- advantageous information, 42–43
- aerial surveillance, 154
- affective component, of psychology, 246–247
- agility, 83–86
- Alperen, Martin J.
- Foundations of Homeland Security: Law and Policy, 177–178
- Always Being Right, 214
- “Always Leave Home Without It: A Further Investigation of the Credit-Card Effect on Willingness to Pay” (Prelec and Simester), 248
- Amazon, 195
- Ambady, Nalini, 233–234
- American Psychological Association (APA), 226
- AMs (Attacker Mindset)
- about, 3–6
- applied to attack vectors, 184–203
- attacker meaning, 9–11
- cognitive skills of, 10–11
- laws of, 65–81
- mindset meaning, 9–11
- as a needed set of skills, 11–15
- observation and, 122–123
- offensive vs. defensive, 17–35
- for ordinary people, 243–246
- social engineering vs., 59–60
- on the spectrum, 268–269
- states of, 10
- using, 6–9
- AMsF (Attacker Mindset Framework)
- about, 37–38
- development phase, 39–52
- ethics, 52–57
- social engineering and security, 57–60
- amygdala hijacking, 250–252
- anchoring bias, 39
- Anderson, Ross
- Security Engineering, 183
- Antifragile: Things That Gain from Disorder (Taleb), 264
- antifragility, 264–265
- anxiety control, DAMs and, 32–34
- APA (American Psychological Association), 226
- Apple, 87–89
- application, of development phase, 48–51
- approachability, 97
- arc, vector vs., 127–128
- Area 51, 228
- attack strategy
- about, 173–174
- AMs applied to attack vectors, 184–203
- attack surface, 183
- attacks in action, 175–177
- necessity of engagement and winning, 179–182
- strategic environment, 177–179
- attack surface
- about, 183
- analyzing your, 252–255
- vulnerabilities, 183
- attack vectors
- about, 184
- impersonation, 196–199
- Manhattan Bank case, 200–203
- mass phish, 185–186
- phishing, 184–185
- physical, 199–200
- smishing, 195–196
- spearphishing, 186–187
- vishing, 190–195
- whaling, 187–190
- attacker, 9–11
- Attacker Mindset (AMs)
- about, 3–6
- applied to attack vectors, 184–203
- attacker meaning, 9–11
- cognitive skills of, 10–11
- laws of, 65–81
- mindset meaning, 9–11
- as a needed set of skills, 11–15
- observation and, 122–123
- offensive vs. defensive, 17–35
- for ordinary people, 243–246
- social engineering vs., 59–60
- on the spectrum, 268–269
- states of, 10
- using, 6–9
- Attacker Mindset Framework (AMsF)
- about, 37–38
- development phase, 39–52
- ethics, 52–57
- social engineering and security, 57–60
- attacks
- designing, 73
- implementing, 73
- psychology in, 205–239
- B
- Baidu Maps, 168
- Barlow, John Perry, 88
- Barnum effect, 185–186
- baselines, 115, 118
- Bayer, Julia, 164–166
- Bazzell, Michael
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information, 148
- behavior, thin slices of, 233–234
- behavioral security, 246–250, 263
- Bellingcat, 167–168
- Bernard, Claude, 100
- Bezos, Jeff, 195
- bias, 39
- “Binocular Trick,” 213
- Bitcoin-Twitter scam, 259
- “Black-and-White Thinking,” 212–213
- Blink: The Power of Thinking Without Thinking (Gladwell), 110, 234
- brain
- about, 26–27, 29–30
- observations vs., 102–107
- “A Brief History of Open Source Intelligence” (Colquhoun), 153
- bring-your-own-device (BYOD) strategy, 182
- Bureau of Intelligence and Research (INR), 150
- business protection
- about, 257–258
- antifragility, 264–265
- complex policy, 263–264
- full spectrum of crises, 266–269
- indicators of attack (IOA), 258
- non-technical measures, 258–260
- red teams, 261–262
- survivorship bias, 261–262
- testing, 261–262
- BYOD (bring-your-own-device) strategy, 182
- C
- capture-the-flag events (CTFs), 111
- capturing someone's “baseline,” 115
- Carmichael, Scott, 41
- Carrot, 149
- Castro, Fidel, 40
- catastrophizing, 213
- Catch Me If You Can (film), 224
- Central Intelligence Agency (CIA), 79–80, 150, 151, 152
- character
- commitment to your, 50
- confidence in your, 49
- chess player analogy, 111, 125, 214–215, 217
- CIA (Central Intelligence Agency), 79–80, 150, 151, 152
- clarity, 71–72
- Clutch, 263
- cognitive component, of psychology, 246–247
- cognitive distortions, 212–213
- Colquhoun, Cameron
- “A Brief History of Open Source Intelligence,” 153
- comfort, risk and, 22–23
- COMINT (communications intelligence), 154
- commitment, to your character, 50
- common sense, skills and, 95–98
- communications intelligence (COMINT), 154
- company culture, 129
- compartmentalization, 97–98
- competence, 96
- confidence, in your character, 49
- confirmation bias, 228–231
- “The Conjunction Fallacy in Probability Judgement” (Tversky and Kahneman), 107–109
- consistency, DAMs and, 31–32
- Consolidated Statement of Financial Condition, 46
- Control Fallacies, 213–214
- cooperation, 97
- Corneretto, Roger, 40
- critical thinking
- CrowdStrike, 258
- CTFs (capture-the-flag events), 111
- cultural norms, 118
- curiosity
- about, 83–86
- cultivating, 87
- cyberattacks/cybercrime
- about, 49
- evolution of, 267
- cybersecurity, defensive, 19
- D
- DAMs. See defensive attacker mindset (DAMs)
- default to truth, 236–239
- defensive attacker mindset (DAMs)
- about, 17–35, 31–35
- intuition and, 111
- offensive attacker mindset (OAMs) vs., 175
- defensive cybersecurity, 19
- defensive security, 18–19
- dependability, 97
- designing attacks, 73
- deterrence, 180–182
- development phase, of Attacker Mindset Framework (AMsF), 39–52
- DiCaprio, Leonardo, 224
- Disregard bucket, 100
- distraction, DAMs and, 34–35
- Donovan, William, 151
- Duped: Truth-Default Theory and the Social Science of Lying and Deception (Levine), 236
- E
- EA (ethical attacker), 19–20, 175, 179–180, 206–207
- earthquakes, 18–19
- education, critical thinking and, 128
- EFF (Electronic Frontier Foundation), 88
- efficiency, 72
- Ego Is the Enemy (Holiday), 211–212
- ego suppression, 211
- ego suspension, 210–216
- Electronic Frontier Foundation (EFF), 88
- elite information, 42–43
- emergency conditioning, 26–31
- Emotional Intelligence (Goleman), 250–251
- Emotional Reasoning, 213
- empathy, 225
- engagement, necessity of, 179–182
- Enne, Olli, 167
- Ennis, Robert, 125
- episodic, 129–130
- ethical attacker (EA), 19–20, 175, 179–180, 206–207
- ethics
- about, 52
- intellectual, 53
- reactionary, 53–57
- Europol, 166–167, 169
- eustress, 29
- Every Move Made Benefits the Objective law, 80–81
- exercises
- curiosity, persistence, and agility, 87–92
- observation, 116–121
- ExifTool, 149
- ExploitDB, 8
- “Extreme Privacy: What It Takes to Disappear,” 253
- F
- Facebook, 87–89, 146, 148, 187–188, 197
- “Facebook and Apple are in a fight” (Ingram), 87–88
- FBIS (Foreign Broadcast Information Service), 151
- Federal Trade Commission (FTC), 208
- Few, Stephen
- Signal: Understanding What Matters in a World of Noise, 156
- “fight or flight” mode, 32–33
- File Transfer Protocol (FTP), 155
- financial intelligence (FININT), 155
- Firefox, 147
- flags, 191
- Ford, Gerald, 41
- Foreign Broadcast Information Service (FBIS), 151
- Foundations of Homeland Security: Law and Policy (Alperen), 177–178
- framing effect, 231–233
- FTC (Federal Trade Commission), 208
- FTP (File Transfer Protocol), 155
- fully committing, 73
- fungibility, 248–249
- G
- Gather, Weaponize, and Leverage Information law, 75–77
- geospatial intelligence (GEOINT), 154
- Gilmore, John, 88
- Gladwell, Malcolm
- Blink: The Power of Thinking Without Thinking, 110, 234
- Global File Search, 155
- Goldilocks effect, 30, 92
- Goleman, Daniel
- Emotional Intelligence, 250–251
- Google, 122, 187–188
- Google dork, 45–46, 137, 148
- Google Earth, 168
- Google Earth Pro, 162
- Google Hacks, 137
- Google Translate, 147
- Gorman, Sara, 51
- “Green Revolution,” 152
- H
- Hadnagy, Christopher, 55–57
- “Have I Been Pwned?,” 252
- Helmuth von Moltke the Elder, 126
- help, asking for, 210–216
- heuristics, observations vs., 107–109
- Hidden region (TAWM), 219
- Holiday, Ryan
- Ego Is the Enemy, 211–212
- Howard, Edward Lee, 80
- human attacks, 48
- human intelligence (HUMINT), 153
- humility, 210–216
- hunt mode, 21
- Hunter, David A.
- A Practical Guide to Critical Thinking, 126
- Hurricane Sandy, 18–19
- I
- imagery intelligence (IMINT), 154
- impersonation, 196–199
- implementing attacks, 73
- indicators of attack (IOA), 257, 258
- indicators of compromise-based (IOC-based) detection, 257–258
- individual protection
- amygdala hijacking, 250–252
- analyzing attack surface, 252–255
- Attacker Mindset (AMs), 243–246
- behavioral security, 246–250
- induced observations, 100
- Industrial & Commercial Bank of China, 265
- information processing
- about, 99–102, 123–124, 132–133, 135–136
- active recon, 149–150
- AMs and observation, 122–123
- brain vs. observation, 102–107
- critical thinking, 124–127, 129–130
- education and critical thinking, 128
- nonlinear thinking, 124–127, 131–132
- observation exercise, 116–121
- observation vs. heuristics, 107–109
- observation vs. intuition, 109–114
- observing people, 114–116
- OSINT, 150–155
- passive recon, 145–149
- reconnaissance, 136–145
- signal vs. noise, 155–170
- vector vs. arc, 127–128
- workplace critical thinking, 128–129
- information weaponization, 40–41, 75–77, 158–160
- Ingham, Harry, 218
- Ingram, David
- “Facebook and Apple are in a fight,” 87–88
- Innocent Lives Foundation, 53, 145
- INR (Bureau of Intelligence and Research), 150
- integrity, of attackers, 54
- intel types, 153–154
- intellectual ethics, 53
- intent, of attackers, 54
- internal self-awareness, 116
- intuition, observation vs., 109–114
- IOA (indicators of attack), 257, 258
- IOC-based (indicators of compromise-based) detection, 257–258
- Iranian Green Revolution, 152
- J
- Java, 8
- Johari Window model, 218
- K
- Kahneman, Daniel
- about, 123, 237
- “The Conjunction Fallacy in Probability Judgement,” 107–109
- Thinking Fast and Slow, 237–238
- Kapor, Mitchell, 88
- KGB, 79–80
- Known by All region (TAWM), 218, 219, 220
- Known by Target(s) region (TAWM), 218, 220
- Kolk, Bessel van der, 250
- L
- lateral movement techniques, 208
- laws
- of attack strategies, 174
- of Attacker Mindset (AMs), 65–81
- Lehman Brothers, 44, 48
- Levine, Tim
- Duped: Truth-Default Theory and the Social Science of Lying and Deception, 236
- on truth tendency, 237–238
- like-for-like scenario, 18
- “Linda” case, 107–109
- LinkedIn, 148, 160
- listening, 106
- location security, 253–254
- logic, using, 112–114
- looking, 106
- loss, fear of, 232
- Luft, Joseph, 218
- Luthmann, Richard, 197
- M
- Maersk, 221–222
- magnification, 213
- maintenance, DAMs and, 34–35
- Major League Baseball, 109–110
- Maltego, 162
- Mamma, 149
- Manhattan Bank, 200–203
- Manson, Charles, 41
- mass phish, 185–186
- Masscan, 162
- Mattel, 189
- maturity, 96
- McDonald's, 39
- Mediainfo, 149
- mental accounting, 248
- mental agility, 23–26, 85–86
- military reconnaissance-in-force, 78
- military-level recon, 78
- mind reading, 213
- mindset, 9–11
- minimization, 213
- Misbehaving (Thaler), 247–248
- misdirection, 192
- Montes, Ana, 40–41
- mood, being in a good, 227
- motivated reasoning, 228–231
- N
- narrative effect, 51
- narrow objective, 72
- National Child Protection Taskforce, 145
- National Security Act (1947), 151
- National Security Agency (NSA), 41
- Navarro, Joe, 114
- network attack, 8
- network operations center (NOC), 21
- network pentesting, 27–28, 179
- network security, 255
- Never Break Pretext law, 77–80
- NOC (network operations center), 21
- noise, signal vs., 155–170
- nonlinear thinking, 124–127, 131–132
- non-technical measures, 258–260
- “Nothing Thinking/Polarized Thinking,” 212–213
- NSA (National Security Agency), 41
- NsLookup tool, 28
- O
- OAMs (offensive attacker mindset)
- about, 17–35
- defensive attacker mindset (DAMs) vs., 175
- intuition and, 111
- Obama, Barack, 159
- objectives
- about, 72–74
- tying back to the, 160–170
- observation and thinking techniques
- about, 99–102, 123–124, 132–133
- active observations, 100
- AMs and observation, 122–123
- brain vs. observation, 102–107
- critical thinking, 124–127, 129–130
- education and critical thinking, 128
- nonlinear thinking, 124–127, 131–132
- observation exercise, 116–121
- observation vs. heuristics, 107–109
- observation vs. intuition, 109–114
- observing people, 114–116
- vector vs. arc, 127–128
- workplace critical thinking, 128–129
- offensive attacker mindset (OAMs)
- about, 17–35
- defensive attacker mindset (DAMs) vs., 175
- intuition and, 111
- offensive security, 19
- Office of Strategic Services (OSS), 150–151
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information (Bazzell), 148
- Open-Source Intelligence (OSINT)
- about, 4, 6, 57, 58, 73, 135, 150, 154, 205–206
- alternative data in, 154–155
- history of, 150–153
- information weaponization, 158–160
- intel types, 153–154
- objectives, 160–170
- operational security (OPSEC), 161
- opportunistic aptitude, 77
- OPSEC (operational security), 161
- optimism bias, 225–228
- The Optimism Bias (Sharot), 225–226
- OSINT (Open-Source Intelligence)
- about, 4, 6, 57, 58, 73, 135, 150, 154, 205–206
- alternative data in, 154–155
- history of, 150–153
- information weaponization, 158–160
- intel types, 153–154
- objectives, 160–170
- OSS (Office of Strategic Services), 150–151
- overgeneralization, 213
- P
- passive observations, 100
- passive recon, 145–149
- penetration testing, 19
- people, observing, 114–116
- perceived control, 227
- persistence, 83–86, 92–95
- personal recon, 162
- persuasive performance, 77
- Phase 1, of development, 43–47
- Phase 2, of development, 47–48
- phishing
- about, 22, 184–185
- mass phish, 185–186
- sextortion, 251–252
- spearphishing, 186–187
- physical assessments, 199–200
- physical attacks, 48
- point of contact (POC), 21
- policies, complexity of, 263–264
- Polymeta, 149
- positive frames, 232
- A Practical Guide to Critical Thinking (Hunter), 126
- Prelec, Drazen
- “Always Leave Home Without It: A Further Investigation of the Credit-Card Effect on Willingness to Pay,” 248
- preloading, 51–52
- pressure, planning, 23–26
- pretext, 77–80, 91, 144, 223
- Pretext bucket, 100
- PricewaterhouseCoopers, 150
- professional common sense, 95–98
- prosocial behavior, 216
- proxy solutions, 147
- psychology
- about, 205
- affective component, 246–247
- asking for help, 210–216
- chess and, 217
- cognitive component, 246–247
- confirmation bias, 228–231
- default to truth, 236–239
- ego suspension, 210–216
- framing effect, 231–233
- humility, 210–216
- importance of, 205–209
- motivated reasoning, 228–231
- optimism bias, 225–228
- target, 221–233
- Target-Attacker Window Model (TAWM), 217–221
- thinslice assessments, 233–236
- R
- RAND Corporation, 151–152
- rapport, 192–193
- reaction time, 207–208
- reactionary ethics, 53–57
- reasoning, using, 112–114
- Recon bucket, 100
- reconnaissance
- about, 136–145
- active recon, 149–150
- military reconnaissance-in-force, 78
- military-level recon, 78
- passive recon, 145–149
- personal recon, 162
- Recon-NG, 162
- recovery, DAMs and, 34–35
- red teams, 261–262
- regulation, DAMs and, 31–32
- respect, 96
- “right time, right place” preload, 51–52
- risk, comfort and, 22–23
- Roosevelt, Franklin D., 151
- Rosenthal, Robert, 233–234
- S
- SAFE (Support for Analysts File Environment) system, 41
- SANS Institute, 141
- SAP NetWeaver, 8
- SAP (systems applications and products) systems, 8
- satellites, 154
- scope, 13–15
- script kiddies, 59
- security
- behavioral, 246–250, 263
- defensive, 18–19
- location, 253–254
- network, 255
- offensive, 19
- operational security (OPSEC), 161
- social engineering and, 57–60
- Security Engineering (Anderson), 183
- security operations center (SOC), 32, 48
- self-awareness, 9, 115–116, 212, 214–215
- self-discipline, 143
- self-evidence, 107–109
- sensitive data, 244–245, 249, 252–253, 254
- sentiment, 155
- sextortion, 251–252
- Sharot, Tali
- The Optimism Bias, 225–226
- Sherlock, 162
- signal, noise vs., 155–170
- Signal: Understanding What Matters in a World of Noise (Few), 156
- signals intelligence (SIGINT), 153–154
- Simester, Duncan
- “Always Leave Home Without It: A Further Investigation of the Credit-Card Effect on Willingness to Pay,” 248
- situational awareness, 27–28
- skills
- common sense and, 95–98
- critical thinking, 130
- Sloman, Steven, 123
- smishing (SMS phishing), 195–196
- SOC (security operations center), 32, 48
- social engineering
- AMs vs., 59–60
- security and, 57–60
- Social Engineering Framework, 55–57
- The Social Engineering Framework Code of Ethics, 55–57
- Software as a Service (SaaS), 258–259
- Soviet Radar Design Bureau, 79
- spearphishing, 163, 186–187
- SpiderFoot, 162
- Splunk, 100
- spontaneous observations, 100
- Start with the End in Mind law, 65–74
- “Stop Child Abuse – Trace an Object” campaign, 167–170
- storytelling, 234
- strategic agility, 178–179
- strategic environment, 177–179
- stress, 29–30
- superiority, whaling and, 190
- Support for Analysts File Environment (SAFE) system, 41
- surveying, 106–107
- survivorship bias, 261–262
- systems applications and products (SAP) systems, 8
- T
- tactical breathing, 33
- Taleb, Nassim Nicholas
- Antifragile: Things That Gain from Disorder, 264
- target psychology
- about, 221–225
- confirmation bias, 228–231
- framing effect, 231–233
- motivated reasoning, 228–231
- optimism bias, 225–228
- Target-Attacker Window Model (TAWM), 217–221
- tech intelligence (TECHINT), 155
- testing, 261–262
- Thaler, Richard
- Misbehaving, 247–248
- theHarvester tool, 28
- theoretical attacks, 49
- thinking and observation techniques
- about, 99–102, 123–124, 132–133
- active observations, 100
- AMs and observation, 122–123
- brain vs. observation, 102–107
- critical thinking, 124–127, 129–130
- education and critical thinking, 128
- nonlinear thinking, 124–127, 131–132
- observation exercise, 116–121
- observation vs. heuristics, 107–109
- observation vs. intuition, 109–114
- observing people, 114–116
- vector vs. arc, 127–128
- workplace critical thinking, 128–129
- Thinking Fast and Slow (Kahneman), 237–238
- thin-slice assessments, 233–236
- threat hunting, 19
- threat modeling, 255
- Tolkachev, Adolf, 79–80
- TrendMicro, 187
- trustworthiness, 96
- truth, default to, 236–239
- Tversky, Amos, 123
- “The Conjunction Fallacy in Probability Judgement,” 107–109
- Twitter, 152, 197
- U
- Ubiquiti Networks, 197
- Unknown by All region (TAWM), 219
- V
- vector, arc vs., 127–128
- virtual private desktops, 146
- virtual private networks (VPNs), 145–146
- vishing, 190–195
- vulnerabilities, 183
- vulnerability database, 162
- W
- Wald, Abraham, 261–262
- walking and “talking” skill, 105–106
- web scraping, 154
- whaling, 187–190
- winning, necessity of, 179–182
- workplace critical thinking, 128–129
- Wozniak, Steve, 88