Spam Nation

A New York Times bestseller and winner of a 2015 Prose Award! There is a threat lurking online. A secret war with the power to destroy your finances, steal your personal data, and endanger your life. In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies—and countless viruses, phishing, and spyware attacks—he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere. Blending cutting-edge research, investigative reporting, and firsthand interviews, this terrifying true story reveals how we unwittingly invite these digital thieves into our lives every day. From unassuming computer programmers right next door to digital mobsters like "Cosma"—who unleashed a massive malware attack that has stolen thousands of Americans' logins and passwords—Krebs uncovers the shocking lengths to which these people will go to profit from our data and our wallets. Not only are hundreds of thousands of Americans exposing themselves to fraud and dangerously toxic products from rogue online pharmacies, but even those who never open junk messages are at risk. As Krebs notes, spammers can—and do—hack into accounts through these emails, harvest personal information like usernames and passwords, and sell them on the digital black market. The fallout from this global epidemic doesn't just cost consumers and companies billions, it costs lives too. Fast-paced and utterly gripping, Spam Nation ultimately proposes concrete solutions for protecting ourselves online and stemming this tidal wave of cybercrime—before it's too late. "Krebs's talent for exposing the weaknesses in online security has earned him respect in the IT business and loathing among cybercriminals... His track record of scoops...has helped him become the rare blogger who supports himself on the strength of his reputation for hard-nosed reporting." —Bloomberg Businessweek

Now a New York Times bestseller! There is a Threat Lurking Online with the Power to Destroy Your Finances, Steal Your Personal Data, and Endanger Your Life. In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies-and countless viruses, phishing, and spyware attacks-he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere. Blending cutting-edge research, investigative reporting, and firsthand interviews, this terrifying true story reveals how we unwittingly invite these digital thieves into our lives every day. From unassuming computer programmers right next door to digital mobsters like "Cosma"-who unleashed a massive malware attack that has stolen thousands of Americans' logins and passwords-Krebs uncovers the shocking lengths to which these people will go to profit from our data and our wallets. Not only are hundreds of thousands of Americans exposing themselves to fraud and dangerously toxic products from rogue online pharmacies, but even those who never open junk messages are at risk. As Krebs notes, spammers can-and do-hack into accounts through these emails, harvest personal information like usernames and passwords, and sell them on the digital black market. The fallout from this global epidemic doesn't just cost consumers and companies billions, it costs lives too. Fast-paced and utterly gripping, Spam Nation ultimately proposes concrete solutions for protecting ourselves online and stemming this tidal wave of cybercrime-before it's too late. "Krebs's talent for exposing the weaknesses in online security has earned him respect in the IT business and loathing among cybercriminals... His track record of scoops...has helped him become the rare blogger who supports himself on the strength of his reputation for hard-nosed reporting." -Bloomberg Businessweek

Cyber Operations A rigorous new framework for understanding the world of the future Information technology is evolving at a truly revolutionary pace, creating with every passing year a more connected world with an ever-expanding digital footprint. Cyber technologies like voice-activated search, automated transport, and the Internet of Things are only broadening the interface between the personal and the online, which creates new challenges and new opportunities. Improving both user security and quality of life demands a rigorous, farsighted approach to cyber operations. Cyber Operations offers a groundbreaking contribution to this effort, departing from earlier works to offer a comprehensive, structured framework for analyzing cyber systems and their interactions. Drawing on operational examples and real-world case studies, it promises to provide both cyber security professionals and cyber technologies designers with the conceptual models and practical methodologies they need to succeed. Cyber Operations readers will also find: Detailed discussions of case studies including the 2016 United States Presidential Election, the Dragonfly Campaign, and more Coverage of cyber attack impacts ranging from the psychological to attacks on physical infrastructure Insight from an author with top-level experience in cyber security Cyber Operations is ideal for all technological professionals or policymakers looking to develop their understanding of cyber issues.

A comprehensive look at the world of illicit trade Though mankind has traded tangible goods for millennia, recent technology has changed the fundamentals of trade, in both legitimate and illegal economies. In the past three decades, the most advanced forms of illicit trade have broken with all historical precedents and, as Dark Commerce shows, now operate as if on steroids, tied to computers and social media. In this new world of illicit commerce, which benefits states and diverse participants, trade is impersonal and anonymized, and vast profits are made in short periods with limited accountability to sellers, intermediaries, and purchasers. Louise Shelley examines how new technology, communications, and globalization fuel the exponential growth of dangerous forms of illegal trade—the markets for narcotics and child pornography online, the escalation of sex trafficking through web advertisements, and the sale of endangered species for which revenues total in the hundreds of millions of dollars. The illicit economy exacerbates many of the world’s destabilizing phenomena: the perpetuation of conflicts, the proliferation of arms and weapons of mass destruction, and environmental degradation and extinction. Shelley explores illicit trade in tangible goods—drugs, human beings, arms, wildlife and timber, fish, antiquities, and ubiquitous counterfeits—and contrasts this with the damaging trade in cyberspace, where intangible commodities cost consumers and organizations billions as they lose identities, bank accounts, access to computer data, and intellectual property. Demonstrating that illicit trade is a business the global community cannot afford to ignore and must work together to address, Dark Commerce considers diverse ways of responding to this increasing challenge.

Jonathan Lusthaus lifts the veil on cybercriminals in the most extensive account yet of the lives they lead and the vast international industry they have created. Having traveled to hotspots around the world to meet with hundreds of law enforcement agents, security gurus, hackers, and criminals, he charts how this industry based on anonymity works.

In all levels of social structure, from the personal to the political to the economic to the judicial, The SAGE Encyclopedia of Surveillance, Security and Privacy uncovers and explains how surveillance has come to be an integral part of how our contemporary society operates worldwide.

Protect Your Organization Against Massive Data Breaches and Their Consequences Data breaches can be catastrophic, but they remain mysterious because victims don’t want to talk about them. In Data Breaches, world-renowned cybersecurity expert Sherri Davidoff shines a light on these events, offering practical guidance for reducing risk and mitigating consequences. Reflecting extensive personal experience and lessons from the world’s most damaging breaches, Davidoff identifies proven tactics for reducing damage caused by breaches and avoiding common mistakes that cause them to spiral out of control. You’ll learn how to manage data breaches as the true crises they are; minimize reputational damage and legal exposure; address unique challenges associated with health and payment card data; respond to hacktivism, ransomware, and cyber extortion; and prepare for the emerging battlefront of cloud-based breaches. Understand what you need to know about data breaches, the dark web, and markets for stolen data Limit damage by going beyond conventional incident response Navigate high-risk payment card breaches in the context of PCI DSS Assess and mitigate data breach risks associated with vendors and third-party suppliers Manage compliance requirements associated with healthcare and HIPAA Quickly respond to ransomware and data exposure cases Make better decisions about cyber insurance and maximize the value of your policy Reduce cloud risks and properly prepare for cloud-based data breaches Data Breaches is indispensable for everyone involved in breach avoidance or response: executives, managers, IT staff, consultants, investigators, students, and more. Read it before a breach happens! Register your book for convenient access to downloads, updates, and/or corrections as they become available. See inside book for details.

Meet the world's top ethical hackers and explore the tools of the trade Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology. Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top. Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure. Go deep into the world of white hat hacking to grasp just how critical cybersecurity is Read the stories of some of the world's most renowned computer security experts Learn how hackers do what they do—no technical expertise necessary Delve into social engineering, cryptography, penetration testing, network attacks, and more As a field, cybersecurity is large and multi-faceted—yet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.

“A masterful guide to the interplay between cybersecurity and its societal, economic, and political impacts, equipping students with the critical thinking needed to navigate and influence security for our digital world.” —JOSIAH DYKSTRA, Trail of Bits “A comprehensive, multidisciplinary introduction to the technology and policy of cybersecurity. Start here if you are looking for an entry point to cyber.” —BRUCE SCHNEIER, author of A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend Them Back The first-ever introduction to the full range of cybersecurity challenges Cybersecurity is crucial for preserving freedom in a connected world. Securing customer and business data, preventing election interference and the spread of disinformation, and understanding the vulnerabilities of key infrastructural systems are just a few of the areas in which cybersecurity professionals are indispensable. This textbook provides a comprehensive, student-oriented introduction to this capacious, interdisciplinary subject. Cybersecurity in Context covers both the policy and practical dimensions of the field. Beginning with an introduction to cybersecurity and its major challenges, it proceeds to discuss the key technologies which have brought cybersecurity to the fore, its theoretical and methodological frameworks and the legal and enforcement dimensions of the subject. The result is a cutting-edge guide to all key aspects of one of this century’s most important fields. Cybersecurity in Context is ideal for students in introductory cybersecurity classes, and for IT professionals looking to ground themselves in this essential field.

Research on cybercrime has been largely bifurcated, with social science and computer science researchers working with different research agendas. These fields have produced parallel scholarship to understand cybercrime offending and victimization, as well as techniques to harden systems from compromise and understand the tools used by cybercriminals. The literature developed from these two fields is diverse and informative, but until now there has been minimal interdisciplinary scholarship combining their insights in order to create a more informed and robust body of knowledge. This book offers an interdisciplinary approach to research on cybercrime and lays out frameworks for collaboration between the fields. Bringing together international experts, this book explores a range of issues from malicious software and hacking to victimization and fraud. This work also provides direction for policy changes to both cybersecurity and criminal justice practice based on the enhanced understanding of cybercrime that can be derived from integrated research from both the technical and social sciences. The authors demonstrate the breadth of contemporary scholarship as well as identifying key questions that could be addressed in the future or unique methods that could benefit the wider research community. This edited collection will be key reading for academics, researchers, and practitioners in both computer security and law enforcement. This book is also a comprehensive resource for postgraduate and advanced undergraduate students undertaking courses in social and technical studies.