A practical guide to understanding and analyzing cyber attacks by advanced attackers such as
nation states. Cyber attacks are no longer the domain of petty criminals. Today companies
find themselves targeted by sophisticated nation state attackers armed with the resources to
craft scarily effective campaigns. This book is a detailed guide to understanding the major
players in these cyber wars, the techniques they use, and the process of analyzing their
advanced attacks. Whether you’re an individual researcher or part of a team within a Security
Operations Center (SOC), you’ll learn to approach, track, and attribute attacks to these
advanced actors. The first part of the book is an overview of actual cyber attacks conducted
by nation-state actors and other advanced organizations. It explores the geopolitical context
in which the attacks took place, the patterns found in the attackers’ techniques, and the
supporting evidence analysts used to attribute such attacks. Dive into the mechanisms of:

- North Korea’s series of cyber attacks against financial institutions, which resulted in
  billions of dollars stolen
- The world of targeted ransomware attacks, which have leveraged nation state tactics to
  cripple entire corporate enterprises with ransomware
- Recent cyber attacks aimed at disrupting or influencing national elections globally

The book’s second part walks through how defenders can track and attribute future attacks.
You’ll be provided with the
tools, methods, and analytical guidance required to dissect and research each stage of an
attack campaign. Here, Jon DiMaggio demonstrates some of the real techniques he has employed to
uncover crucial information about the 2021 Colonial Pipeline attacks, among many other advanced
threats. He now offers his experience to train the next generation of expert analysts.