In my full-time day job, I am, for lack of a better term, a “webmaster,” meaning that I update content on a very highly trafficked website on a daily basis. On our team we also have a number of individuals who maintain our server farm and actually engineer the site code, so while I don’t directly work with incoming traffic or network security protocols, our company is small enough that I have to constantly be aware of new security trends and the like to keep our site safe.
This is why the book Cyber Adversary Characterization: Auditing the Hacker Mind (Syngress Press) struck me as a tome that might be particularly useful in my line of work. The title led me to believe that the volume would be filled with case studies of hacking incidents and psychological profiles of “types” of hackers, and while the book does contain a few such examples, this is not its primary focus.
Following what I thought was a difficult-to-read foreword by Jeff Moss, the first chapter provides (in brief) the kind of information I was hoping to read: a couple of case studies containing some psychological insight into the hacker mind, as well as a broad overview of the goals of the book.
From there, however, the book delves deep into somewhat complicated metrics and formulas designed to help a network administrator or security auditor analyze a network and determine what type of attack might take place and how to initiate steps to prevent such an attack. Also covered are formulae geared towards disassembling an attack after the fact, as sometimes it just isn’t possible to predict how or why a particular type of attack on a website or network might occur.
While the book is heavy on metrics, formulae and tables full of numbers that are more or less meaningless to non-network administrators, the principles behind the numbers are solid, and are useful in creating a generalized overview of how secure a site or network is, or where an attack may originate from. The book, however, concludes with a fascinating chapter containing a description of an attack from start to finish. Sure, it’s a touch geekier than, say, a Michael Crichton novel, but it is interesting nonetheless and is a nice close to an otherwise challenging read.
A purchase of the book does include a modest number of additional electronic benefits. For instance, when you register your book on the Syngress web site (http://www.syngress.com/solutions), you are able to download four free “e-booklets” on topics related to the book, including “war driving,” the evolution of a hacker, and programmer & analyst ethics. The site also provides a spot for the book’s authors to post addenda, as well as for the publishers to indicate changes or corrections to the text. (As Syngress is an imprint of O’Reilly, it’s the kind of step you expect from them.)
On the whole, this book is valuable in that it provides network security managers with a solid basis for assessing where a hacker might attack. For the layperson, however, the numbers and formulae are difficult to digest. This is definitely a professional-level, heavy-duty text and is by no means a psychology textbook. So if that’s the type of thing you’re looking for, steer clear; otherwise this book provides an excellent framework for, as the title says, auditing the mind of the hacker with something malicious in mind.