In May 2021, Jim Gosler, known as the Godfather and commander of US agencies cyber offensive capability, said, ''Either the Intelligence Community (IC) would grow and adapt, or the Internet would eat us alive.'' Mr Gosler was speaking at his retirement only several months before the terrorist attacks of 9/11. He possibly did not realise the catalyst or the tsunami that he and his tens of thousands of US IC offensive website operatives had created and commenced.
Over the last two decades, what Mr Gosler and his army of Internet keyboard warriors created would become the modus operandi for every faceless, nameless, state-sponsored or individual cybercriminal to replicate against an unwary, ill-protected, and ignorant group of executives and security professionals who knew little to nothing about the clandestine methods of infiltration and weaponisation of the Internet that the US and UK agencies led, all in the name of security.
This book covers many cyber and ransomware attacks and events, including how we have gotten to the point of massive digital utilisation, particularly during the global lockdown and COVID-19 pandemic, to online spending that will see twice the monetary amount lost to cybercrime than what is spent online.
There is little to no attribution, and with the IC themselves suffering cyberattacks, they are all blamed on being sophisticated ones, of course. We are witnessing the undermining of our entire way of life, our economies, and even our liberties. The IC has lots to answer for and unequivocally created the disastrous situation we are currently in. They currently have little to no answer. We needno, we must demandchange. That change must start by ensuring the Internet and all connections to it are secure and no longer allow easy access and exfiltration for both the ICs and cybercriminals.
| Foreword |
|
vii | |
| Preface |
|
xi | |
|
Chapter 1 Stuxnet to Sunburst and Ransomware Development |
|
|
1 | (6) |
|
Chapter 2 Not Secure, F and 0... |
|
|
7 | (10) |
|
Chapter 3 Ransomware Lessons Being Learned |
|
|
17 | (6) |
|
So, What Has This to Do with Ransomware? |
|
|
18 | (5) |
|
Chapter 4 Colonial Pipeline and CI Companies |
|
|
23 | (6) |
|
Is America's Critical National Infrastructure Prepared for the Ongoing Ransomware Siege, and What Can They Do to Avoid It? |
|
|
24 | (5) |
|
Chapter 5 CNA Ransomware Attack and Cyber Insurance |
|
|
29 | (10) |
|
Chapter 6 BA, easyJet, and the Travel Industry |
|
|
39 | (4) |
|
Chapter 7 Destabilising the United States, Courts, Law Enforcement, and Way of Life |
|
|
43 | (10) |
|
Chapter 8 Deterrence Theory and the Five Eyes Faux Pas |
|
|
53 | (6) |
|
Chapter 9 Ensuring the Security of Insecurity |
|
|
59 | (8) |
|
Chapter 10 Traditional Warfare, the Fat Man, Mistakes Made, and Lessons Still Being Learned and Ignored |
|
|
67 | (6) |
|
Chapter 11 Survivorship Bias |
|
|
73 | (6) |
|
Chapter 12 Air India Ransomware Faux Pas |
|
|
79 | (6) |
|
Chapter 13 Most Common Website Vulnerabilities and Attacks |
|
|
85 | (8) |
|
|
|
86 | (1) |
|
|
|
86 | (1) |
|
Man-in-the-Middle Attacks |
|
|
86 | (1) |
|
Distributed Denial of Service |
|
|
87 | (1) |
|
|
|
87 | (1) |
|
|
|
87 | (1) |
|
|
|
88 | (1) |
|
|
|
89 | (1) |
|
|
|
89 | (4) |
|
Chapter 14 The Old Lady of Threadneedle Street and the FCA |
|
|
93 | (6) |
|
Chapter 15 Mitre CWE and Ransom Task Force |
|
|
99 | (8) |
|
Chapter 16 Critical National Infrastructure: The Collapse of a Nation |
|
|
107 | (6) |
|
Chapter 17 US State Attacks and the Continued Oversight of Security |
|
|
113 | (8) |
|
Chapter 18 Conflicts of Interest |
|
|
121 | (8) |
|
Chapter 19 Innovation and Disbelief |
|
|
129 | (6) |
|
Chapter 20 Blackbaud, Cyberattacks, and Class Action Lawsuits |
|
|
135 | (8) |
|
Chapter 21 The World's Largest Global Economic Shift |
|
|
143 | (6) |
|
Chapter 22 It Is Not Setting Goals Too High, but Setting Them Too Low and Achieving Them |
|
|
149 | (12) |
|
Chapter 23 Avoiding the Apocalypse |
|
|
161 | (6) |
|
Chapter 24 If a Clever Person Learns from Their Mistakes and a Wise Person Learns from the Mistakes of Others, What Is a Person Who Learns from Neither Known As? |
|
|
167 | (6) |
| Index |
|
173 | |
Andy is a senior and seasoned innovative executive with over 30 years' experience as a hands-on lateral thinking CEO, coach, and leader. A 'big deal' business accelerator, and inspirational lateral thinker. Andy has crafted, created and been responsible for delivering over £100M of projects Information Classification: General within the Cyber, Technical, Risk and Compliance markets with some of the world's largest leading organisations. Andy has a demonstrable track record of large-scale technical delivery and management within Professional Services, Managed Services and Financial Services environments. Andy has extensive experience of working at C-Level and is well known around the world for his strong business leadership, integrity, acumen, development, and change management. Andys first book, published in the Autumn of 2021 and titled Stuxnet to Sunburst, 20 years of digital exploitation and cyber warfare is a candid, practitioners view, in laymans terms, of how digital warfare over the last 20 years has shaped our world. It uncovers many unknown facts, and projects that the public have been totally unaware of, that is until now. Andy was one of the first, and possibly one of very few people to discover the plethora of insecure SolarWinds domains. It has since been proven that Andys version of the attack of an insecure sub domain being hijacked and a nefarious website being stood up, is now common knowledge as being the initial access and root cause of the initial infiltration (Sunburst). Andys research and paper was presented to the United States Senate Intelligence Committee overseeing the SolarWinds breach earlier this year. Andy has just finished writing a second book on his experience and in-depth research of over 1000 companies over the last few years, all of whom have been victims of cyber and ransomware attacks. The book is titled Ransomware and Cyberwar, the global economic shift. Andy has an uncanny ability to see things, and tell them in straight forward, no nonsense manner and translate them into easily digestible chunks that can be addressed and remediated. His recall, and real examples of cyber and ransomware attacks, covers why attacks occurred, and more importantly, how to prevent them. His findings have been completely supported by Hacker One confirming 96% of hackers hack websites and Statista who confirm the top three initial access points for cybercrime are servers and websites. In 2020 Andy was featured in The Catholic News Agency article on The Vatican breach as he unravelled and assisted The Vatican by identifying 82 out of their 85 domains were insecure. Many were capturing PII data and payments. With 1.2 billion followers online, particularly during Covid-19 lockdowns, Andy may have uncovered the root cause for the worlds single largest online digital PII data breach to date.
Daugiau apie elektronines knygas