High-Tech Crimes Revealed: Cyberwar Stories from the Digital Front Paperback – Aug 27 2004
No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.
To get the free app, enter your e-mail address or mobile phone number.
From the Inside Flap
Just as thequote above teaches us, let’s not just talk about these issues,let’s understand them.There are many fine books on the market that explainhow hackers exploit computer and networks. They explain the details of theexploits and methods to protect against them, and as such are targeted forthose with strong technical knowledge. That is not the case here. You will notlearn the intricacies of the latest hacking attack. You will learn how hackersuse these exploits, why they use them and in some cases how they get caught. Basically high tech crimes are just a mixture ofregular crimes like theft, fraud, and revenge attacks using new techniques. So,the concepts should be very easy to understand. Because of the subject nature,there are some technological references in these cases. Don't worry if youdon't understand all the technicalities, they are there to make the storiesricher for more technically experienced readers. We like technology because it makes our lives easier,but unfortunately it also makes the lives of criminals easier. Sadly, mostusers of high technology are not really aware that high-tech crimes mightaffect them and that is a problem. While many of these stories have beenreported in the media, very little time has been spent on explaining how thesecrimes might affect us. Demystifying these crimes and raising the awareness tousers of technology will make people smarter and safer users and that will makeall of us safer in the long run. With my background as a sworn law-enforcement officer(cop), system administrator (geek), computer programmer (geek), Internetsecurity consultant (geek with tie) and network security researcher (geek inshorts), I offer a unique perspective to help people better understand the manyissues with high-tech crime and how they might be affected. What follows aresome of the high-tech cases I have personally been involved with over the yearsalong with the details of how the problems were discovered and how the caseswere eventually resolved. All of the cases that follow are real. Since not allof the cases resulted in convictions, you will notice that I have taken theliberty of changing the names of the players, to protect the guilty as well asthe innocent. The reader will get a great perspective on howhigh-tech crimes are investigated and will notice that in many ways thesecrimes are very similar to the traditional investigations. After all, one thingthat both high tech and low tech crimes have in common is that both are committedby criminals. Eachcase has created the framework from which law enforcement now operates, as wellas provided a platform of awareness to help other companies and individualsfrom being victimized. A lot has changed over the past decade. Terms like computerviruses, broadband Internet, hacked web-sites and Identity theft are phrasesthat weren’t very well known to the general public just 10 short yearsago. They sure are now. No prior technical experience is necessary in order tounderstand the issues involved with each case. Primarily the stories focus onthe people, and the use and abuse of technology plays a minor supporting role.In the first 4 chapters, we will walk through hacker investigations, pointingout how hackers were causing damage, pointing out the potential additionaldamage that could be caused and how they were tracked and caught. Chapter 5starts with an introductory story on identity theft and is followed with manyissues about this growing crime. For the next two chapters, I draw upon my experiencein interviewing hackers. Chapter 6 details the conversations and the lessonslearned. The next one, Chapter 7, is where I put forth a theory on whatmotivates hackers to do what they do, drawing upon lessons from criminology,psychology and personal observation. Here, the hope is that by a betterunderstanding of what makes a hacker hack, we can do early detection or evenprevention on certain high-tech crimes. The next 2 chapters explain some of the technologiesthat we encountered in the previous chapters in more detail. This is where Ican better explain the potential risks associated with technologies. Chapter 10 and 11 explain what works as well as whatdoes not work in high-tech crime investigations. Chapter 10 uses small caseswhere mistakes led to failed investigations to highlight what can go wrongduring a high-tech investigation. Even though discussing all the things that can go wrong is a great way to learn, Chapter 11 focuses on how to avoid the mistakes inthe first place. Finally, the concluding chapter pulls it all together,so that the reader is aware of the issues surrounding high tech crimes. One important note that I want to share. I startedthis book in 1999 and by mid 2001 I was finally making some very good progress.I felt like I would have been done by the beginning of 2002. Then, after theevents of Sept. 11, I found it hard to continue. While I was fortunate in thefact that I did not lose any family or close friends in the attack, some of myfriends were not so fortunate. In addition, the towers complex was an area thatwas a second home for me, as I spent a lot of time in 7WTC. I even had myfavorite parking spot that always impressed Ches. It was time to help ourfriends that needed us. I took me the better part of a year to finally getpast the grieving and get back to work. You’ll see some of those thoughtshave weaved their way into Chapter 3. Please, let us never forget those who welost that tragic day. I know that I never will…
From the Back Cover
Stories about hacking, stolen credit card numbers, computer viruses, and identity theft are all around us, but what do they really mean to us? The goal of this book, quite simply, is to help educate people on the issues with high-tech crimes.
High-Tech Crimes Revealed: Cyberwar Stories from the Digital Front demystifies the risks and realities of high-tech crimes. Demystifying these crimes and raising the awareness of users of technology will make people smarter and safer, and that will make all of us safer in the long run.
Steven Branigan shares the inside details of real cases he worked on in his various roles in law-enforcement, information technology, and security. The result is a comprehensive, accessible look at how digital crimes are discovered, what techniques the criminals use and why, and (in some cases) how they can be brought to justice.
Inside, you'll find extensive information on
- Actual hacker investigations, including the harm caused and how the criminals were tracked and caught
- The ins and outs of identity theft, a rapidly growing crime with potential for serious damage
- Using the criminology and psychology of hackers to detect and deter attacks
- The risks associated with various technologies
- Do's and don'ts for high-tech criminal investigations
This easily understandable book will take you beyond hearing about high-tech crimes to actually understanding how and why they happenand what can be done to protect yourself.
"Most books on this topic impart knowledge in the form of techniques and methods. This book differs in that it imparts Steven Branigan's experience in the field, and real case studies in which problems are framed and effective solutions are crafted. In this respect this book imparts not only knowledge, but Steve's experience and wisdom as well."
Mike Tarrani, Independent Consultant
"Steven Branigan provides a gripping account of what's involved in investigating computer crime. I strongly recommend this book to any security practitioner or anyone with an interest in computer security."
Michael Nickle, Lead Consultant, VeriSign
"Being on the inside of several high-tech busts has given Steven Branigan the ability to make this book intriguing enough to keep high-tech types interested, while also doing a superb job of demystifying these real-life cases in a way that anyone can read and enjoy."
David Kensiski, Director of Operations, InfiniRoute Networks
"The modern high-tech industry brought new things to our lives. Buying a book, selling a car, or robbing a bank has never been so easy. Why is that? You've got to read this book to find out!"
Denis Scherbakov, Systems Administrator, MCSA: Security, MCSA, MCP, Security+Atlant Telecom, ISP
"Steven Branigan has been deeply involved with many real incidents of high-tech crimessome of them I know of are too sensitive to disclose by name. Yet, High-Tech Crimes Revealed gives outsiders an opportunity to find out what actually takes place in this often-misunderstood field. By combining his powerful knowledge of computers and technology with the legal and behavioral considerations that are overlooked by those less experienced, Branigan demonstrates just how much private industry and government need to cooperate in order to find the facts and identify criminals. While his topic is deadly-serious, he conveys his riveting stories with humor and distills observations into clearly understood rules that we all should know as we go about our lives."
Ed Stroz, Former Supervisory Special Agent of the Federal Bureau of Investigation's Computer Crime Squad in New York and President of Stroz Friedberg LLC
"Steven brings us behind the scenes of some very exciting hacker investigations and interviews, and tells the stories like few others. This book is an exciting read because he describes the people and their actions, showing us how these new-age crimes can affect all of us."
Steve Jurvetson, Managing Director of Draper Fisher Jurvetson
"Finally, real-life credible stories that deliver first-hand accounts of tactical and strategic high-tech operations. This book is a rare look into what goes on behind the scenes. Take a front row seat with the author as he brings you into a world few have seen."
Bob Weaver, Retired Deputy Special Agent in Charge, Criminal Investigative Division, U.S. Secret Service, Washington, D.C.
"Steve's intellect and real-world experience in criminal investigations, forensic analysis, and security principles is evident on every page. Sprinkle in some sound advice and a bit of humor and you have a book that is interesting, informative, and most of all, useful. I highly recommend it."
Fred Staples, Retired Director of Computer and Network Security Consulting for Telcordia Technologies
"This book details story after story of computer crimes and identity theft. The best way to prevent yourself from being a victim is to take these narratives to heart."
Ben Rothke, Senior Security Consultant, ThruPoint Inc.
© Copyright Pearson Education. All rights reserved.See all Product Description
Most Helpful Customer Reviews on Amazon.com (beta)
Chapter list: An Attack on the Telephone Network; An Attack on an ISP; If He Had Just Paid the Rent; Inside a Hacker Sting Operation...; Identity Theft; Let's Ask the Hackers; Why Do Hackers Hack?; Setting the Stage; High-Tech Crime; What Not to Do; How to Run a High-Tech Case; What Have We Learned; Appendix; Bibliography; Index
There are two types of writing in this book. Up through Inside A Hacker Sting Operation, the focus is on real-life cases that the author was part of. You learn details about how cyber-crime is conducted, uncovered, and prosecuted. The benefit here is that you see the warts and failings of the process instead of the glorified versions as told by security experts. After that chapter, there is less emphasis on stories and more focus on subjects, such as why these things occur and how to conduct an investigation. There are still references to real-life events, but that's less of an emphasis. Branigan's writing is humorous and lightly satirical, and makes for an enjoyable read.
The shortcoming was something I couldn't quite put my finger on until I read the preface. Steve started this book in 1999 and thought he'd be done in early 2002. September 11th threw him off, and he didn't get started again until nearly a year later. So in effect, you have a book on cyber-crime published in 2004 that was largely written between 1999 and 2001. While there are references to events in the recent past, many of the significant stories and examples are vintage 2002 or earlier. In my opinion, it's the only significant flaw in what is otherwise an interesting read.
The stories are real, written in non-technical language.
Makes for very interesting reading.
Author Steve Branigan brings a unique perspective to his book. In 1986-7 Branigan was a patrolman in the Seaside Heights Police Department, but three years later he investigated telecom incidents for Bell Communications Research. Later work at Lucent and Bell Labs prepared him for co-founding Lumeta in 2000. His experience with telecom security differentiates the book from those who spend more time on Internet-centric crimes.
I found the first half of the book more helpful than the second half, particularly when legal and criminal concepts are introduced in the context of security investigations. Ch 1 offers insight into drafting search warrants when pursuing a rogue insider. Ch 2 explains subpoenas and executing search warrants. Ch 3 discusses options at trial, like plea bargains. Ch 4 outlines an undercover sting and the role of confidential informants. Ch 5 talks about identity theft and ch 6 describes the author's role in interviewing two 'hackers.'
The first half of the book uses true stories to make its points, but the second shifts more to opinions with short stories added for interest. I skimmed these later chapters as they seemed more appropriate for those without security and forensic experience.
A few excerpts from the book are quote worthy. On p 106 Branigan notes that during a sting operation, the cops disabled exploit tools hosted on a cop-supervised bulletin board to avoid 'facilitating the transmission of hacking tools.' Consider that when you find a 'broken exploit.' A footnote on p 111 says 'NetStumbler is freeware. Why people write these things nobody knows.' NetStumbler isn't just for wardriving by those with malicious intent; sys admins also use it to discover rogue access points.
I agree with Thomas Duff's assessment regarding the shelf life of Branigan's stories. Many cases, like ch 1's SS7 intrusion, were cool despite being almost 10 years old. In other places Branigan really dated himself. For example, p 118 states 'the main set of backdoor programs for UNIX are collectively known as rootkit, and those for Windows-based systems are Back Orifice and Netbus.' That was mostly correct in 2000, but very dated by 2004. I also question the 'session takeover' techniques mentioned on p 175; far too little detail is offered to make me accept this 'magic' capability.
Overall I recommend reading HTCR. Branigan literally has a front-row seat on several fascinating security incidents. Few people have accompanied police when seizing evidence or performed hands-on analysis of live systems as related by HTCR. Readers with an interest in telco security will particularly enjoy Branigan's tales, and I appreciated his use of FreeBSD as a forensic platform.
This is not a reference book. The technical content is related directly to the stories and case studies. But the technical content is still very compelling, well written and in-depth.
If you are looking for a book on how to secure Linux or NT, this is not your book. I think this book is written for people with a passion about security and who are serious about a career in information security. Those types of people will love this book.
Look for similar items by category
- Books > Computers & Technology > History & Culture > Culture
- Books > Computers & Technology > History & Culture > Security
- Books > Computers & Technology > Internet & Social Media > Hacking
- Books > Computers & Technology > Web Development > Security & Encryption > Encryption
- Books > Politics & Social Sciences > Crime & Criminals > Criminology
- Books > Qualifying Textbooks - Fall 2007 > Computers & Internet