A practical guide to understanding and analyzing cyber attacks by advanced attackers, such as
nation states.

Cyber attacks are no longer the domain of petty criminals. Today, companies find
themselves targeted by sophisticated nation state attackers armed with the resources to craft
scarily effective campaigns. This book is a detailed guide to understanding the major players
in these cyber wars, the techniques they use, and the process of analyzing their advanced
attacks. Whether you’re an individual researcher or part of a team within a Security Operations
Center (SOC), you’ll learn to approach, track, and attribute attacks to these advanced actors.

The first part of the book is an overview of actual cyber attacks conducted by nation-state
actors and other advanced organizations. It explores the geopolitical context in which the
attacks took place, the patterns found in the attackers’ techniques, and the supporting
evidence analysts used to attribute such attacks. Dive into the mechanisms of: North Korea’s
series of cyber attacks against financial institutions, which resulted in billions of dollars
stolen; the world of targeted ransomware attacks, which have leveraged nation state tactics to
cripple entire corporate enterprises with ransomware; and recent cyber attacks aimed at disrupting
or influencing national elections globally.

The book’s second part walks through how defenders
can track and attribute future attacks. You’ll be provided with the tools, methods, and
analytical guidance required to dissect and research each stage of an attack campaign. Here,
Jon DiMaggio demonstrates some of the real techniques he has employed to uncover crucial
information about the 2021 Colonial Pipeline attacks, among many other advanced threats. He now
offers his experience to train the next generation of expert analysts.