Ultimate Cyberwarfare for Evasive Cyber Tactics: Unravel the Techniques of Cyberwarfare, Hacktivism and Asymmetric Conflicts for Tactical Excellence with Real-world Use Cases and Strategic Insights 9788196890315

Attackers have to be only right once, but just one mistake will permanently undo them. Key Features ● Explore the nuanc

English Pages 287 Year 2024

Table of contents:
Cover Page
Title Page
Copyright Page
Dedication Page
About the Author
About the Technical Reviewer
Acknowledgements
Preface
Errata
Table of Contents
1. History of Cyber Conflicts
Introduction
Structure
The Jester (2010–2016)
Anonymous and Sabu (from 2003 to Present)
Christopher Rennie Glenn (2003-2014)
David Kee Crees, AKA “DR32” and “Abdilo” and “Gray Hat Mafia’s Bitch” (2014-2021)
SolarWinds Breach (2020)
ProxyLogon/Hafnium/APT-40/Microsoft Exchange Server Mass Exploitation (2021)
Albert Gonzalez, Shadowcrew, and Heartland Payment Systems (1995-2008)
Kevin Mitnick (1963-2023)
The Simplest Vendor Bypass Ever Done
Conclusion
References
2. Notable Threats and Trends
Introduction
Structure
Data Collection, Data Brokers, and Abuse of Commercially Available Intelligence by Adversaries
Misinformation
The Shift from Vendor Cooperation to In-House Malware Cooperation
Proliferation of Malicious AI and Machine Learning Attacks
Grim Predictions on the Future of Tech Job Security and How to Adapt
Suggestions
Conclusion
References
3. Operational Security Successes and Failures
Introduction
Structure
Changing Attribution of Nation-State Threat Actors
Shifts in Bulletproof Hosting Trends and Using Warrant Canaries
Evidence Destruction with LUKS (Kali Linux Only)
Evidence Destruction with LUKS (Hands-On, Distro Agnostic)
Introduction to Shufflecake for Personal Device Encryption
NukeMyLUKS - Original
The Case Study of Paras Jha and the Mirai Botnet Creators
Surveillance
The Re-emergence of Wireless Hacking
Personal Story: Dmitry Zhuravlev, Leaker of VMProtect
Conclusion
References
4. The Information Warfare Component
Introduction
Structure
Founding Fathers
Daniel M. Kelley and Cybersecurity & Growth
Twitter/X “Disappears” All Media and Links from 2011 to 2014
Clandestine Cell Systems
Usage of the Clandestine Cell System in Resistance Groups, the Military, and Law Enforcement
Cambridge Analytica Scandal and “Psychological Weapons” of Social Media
Enhanced Interrogation Techniques
Politics, Dictators, and Useful Idiots
Splinternets
Exercise of Sharp Power by Adversarial Information Warfare Campaigns
Perceptions of Cyber Attacks by Russia in the 2022 Conflict
Wrapping Up
Conclusion
References
5. Programming Languages, Tools, and Frameworks
Introduction
Structure
C/C++
Go
Rust
Nim
Fileless Malware
C#, .NET, and Powershell
Python
Frameworks
Conclusion
References
6. Setting Up Your Malware Lab
Introduction
Structure
SSL-Pinning, Windows Error Reporting, and False Alerts
The Target Box
Configuring SecurityOnion
Configuring Sysmon 15
Configuring Wazuh Agents
The Malware Development Box
DefenderCheck
WDExtract
GHIDRA + Amazon Corretto
PE-Sieve, PE-Bear, Mal-Unpack
Intel PIN and TinyTracer
X32dbg/x64dbg
SysInternals, Process Hacker 2, API Monitor, sRDI
Configuring Windows Debugger and Debuggees for Malicious Driver Development
Squid SSL-Bumping to Monitor Telemetry Communications
Squid Proxy On Your Host
Intercepted Windows VM Guest (Target Box)
Squid Proxy On Your Host: Part 2
Conclusion
References
7. Proof-of-Concept Evasive Malware
Introduction
Structure
The Main Implant
Shellcode Runner
Producing Encrypted Shellcode
Sysmon Finders
Sysmon Killers
Eventlog Tracing for Windows Patching
Eventlog Tracing for Windows Thread Locking
Memory Evasion Shellcode from Havoc
Command-Line Obfuscation
Scantime Detection Evasion
Rootkit Installer
Rootkit Usage
Testing Our Payload
Conclusion
References
8. Evasive Adversarial Tradecraft
Introduction
Structure
Obfuscation Principles
Threat Actor Attack Chains
Forensic Evasion
Detection Evasion
Network Evasion
Conclusion
References
9. Emerging Threats and Trends
Introduction
Structure
Data Brokers: A National Security Threat
How Data Collection, Data Breaches, and Insider Threats Create an Underground Economy
Cyber Mercenaries
Banks Discriminating Against Customers and Closing Their Accounts
The Politicization of Not Just Science, but STEM
Labor Abuse in Infosec and Tech
Dangerous Politics
AI Issues
Government Surveillance, Fight to Preserve Section 702, and Abuses of the Surveillance Capitalism Apparatus by Private and Public Parties
Electronics Sanctions and Bans
The Brutal World of Cybercrime
Fast Exploitation of Reported Vulnerabilities
Splinternet Attacks
Being an Influencer Can Be Bad for Your Health
Conclusion
References
Index
