eBook - ePub
Cyber Reconnaissance, Surveillance and Defense
Robert Shimonski
This is a test
- 258 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Cyber Reconnaissance, Surveillance and Defense
Robert Shimonski
Book details
Book preview
Table of contents
Citations
About This Book
At a time when online surveillance and cybercrime techniques are widespread, and are being used by governments, corporations, and individuals, Cyber Reconnaissance, Surveillance and Defense gives you a practical resource that explains how these activities are being carried out and shows how to defend against them.
Expert author Rob Shimonski shows you how to carry out advanced IT surveillance and reconnaissance, describes when and how these techniques are used, and provides a full legal background for each threat. To help you understand how to defend against these attacks, this book describes many new and leading-edge surveillance, information-gathering, and personal exploitation threats taking place today, including Web cam breaches, home privacy systems, physical and logical tracking, phone tracking, picture metadata, physical device tracking and geo-location, social media security, identity theft, social engineering, sniffing, and more.
- Understand how IT surveillance and reconnaissance techniques are being used to track and monitor activities of individuals and organizations
- Find out about the legal basis of these attacks and threats — what is legal and what is not — and how to defend against any type of surveillance
- Learn how to thwart monitoring and surveillance threats with practical tools and techniques
- Real-world examples teach using key concepts from cases in the news around the world
Frequently asked questions
How do I cancel my subscription?
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Cyber Reconnaissance, Surveillance and Defense an online PDF/ePUB?
Yes, you can access Cyber Reconnaissance, Surveillance and Defense by Robert Shimonski in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.
Information
Chapter 1
Digital Reconnaissance and Surveillance
Abstract
This chapter covers digital reconnaissance and surveillance fundamentals and prepares the reader to engage in more detailed techniques in the remaining chapters. It covers why people spy, the motivations, the risks, and the rewards. It discusses fundamental knowledge needed to mitigate the threat of stalking and what information would be relevant for security analysts and the general public. This chapter covers current events, the damage that can occur, and the many methods in which spying can be conducted. Basic cybercrime topics are also covered.
Keywords
Reconnaissance
Surveillance
Spying
Espionage
National Security Agency (NSA)
Edward Snowden
Mobile Technology
Public Internet
Social Media
Video Surveillance
Digital Forensics
Terrorism
Stalking
Cybercrime
Penetration Testing
Law and Ethics
Digital reconnaissance and surveillance
Today, the world operates on a digital landscape. Wearable technology is the latest buzz word and everyone seems to be connected via their phones, pads, and laptops. Virtually everyone everywhere is becoming more and more interconnected and sharing data and socializing. Using this medium has become the norm. While the world continues to grow digitally, so does the risk of exposure. As the landscape grows exponentially, so does the threat of those who would, and will abuse this medium for their own gain.
Modern societies cannot hold back growth and innovation because of fear; those same societies must learn to overcome challenges of a growing interconnected world as seen in Figure 1.1.
Figure 1.1 Viewing the digital landscape.
Because technological advancements grow exponentially, the security innovations must encapsulate and work within them. Security is not a new consideration; it is an age old practice applied to new situations such as a growing digital landscape.
Reconnaissance and surveillance have been practiced for centuries, primarily as a way for militaries to conduct observation of enemy activities and monitor targets to gain strategic advantage. Reconnaissance and surveillance teams would go out to gather information about enemy activities in hopes to find out location information, size, and strength of their targets and/or to place targeting information for incoming strikes.
Digital reconnaissance (or digital recon for short) is the “digital” form of what these teams or individuals do, except primarily in a computer-based world. These experts perform many of these same basic functions of their military counterparts and the target could be strategic advantage, financial gain, leverage, or to place targeting information for more attacks in a corporate or private landscape. The landscape is not the traditional battlefield, but the cyberworld where computers and mobile technology can be manipulated, video cameras can be hacked into, and databases of personal information can be stolen to gain strategic advantage.
Not all who perform reconnaissance and surveillance activities have bad intentions; some perform these activities in order to protect. In recent news, the National Security Agency (NSA) has been filtering data of the Americans and others in the name of national security. Because it wasn’t disclosed and seemed to overreach, it was immediately brought into questions by the American public when it was brought into light by Edward Snowden, an employee who worked with the NSA and leaked how the NSA was capturing inappropriate data. The threat of government’s spying on individuals is not new; however, it seems to have grown more post 9/11 because of the threat of terrorist attack, the assembling of the Department of Homeland Security (DHS) in the United States, and the ability for many to use technology as a way to gather information quickly about anyone or anything.
In this chapter, we will detail the fundamentals of digital reconnaissance and surveillance, provide some history on the topic, and set the tone for the remaining chapters where we will go into detail on how these activities take place, how vulnerable we are, and how to fortify our defenses and mitigate risk on a more personal level.
Art and History of Spying
As we have just discussed, reconnaissance and surveillance is not new; it’s been practiced for centuries. The term “spying” may come to mind when you read about or watch movies where a “spy” is used to capture information about a target. In this book, we will use this term interchangeably, so when the term spy is referenced, we use it to explain the person or activity of collecting and reporting information on a specific target.
What is surveillance? The word surveillance comes from the French word “watching over.” Surveillance involves monitoring persons or locations to identify behaviors, activities, and other changing information. This will be the primary topic and focus throughout the book, covering the current landscape and attack vectors. Learning how to mitigate and defend against digital surveillance is tricky; today almost everything you do is captured on camera or tracked. We will cover more on this topic as we progress through the book; however, understanding the passive and the aggressive form of surveillance is important.
There are different forms of surveillance to include adversarial surveillance that is to gather information in preparation for an aggressive action and likely criminal in nature. Examples of adversarial surveillance are terrorism (domestic and international), destruction of property (logical or physical), and other crimes against individuals of entities to include theft, stalking, and espionage. Espionage (which is used interchangeably with spying) is defined as the practice of spying on or spying by governmental and military entities to gain information.
Surveillance has also advanced to the point where unmanned aircraft (typically called Drones), as seen in Figure 1.2, is responsible for conducting “spy” missions to gather data and information on targets. This has brought about a large amount of controversy about how privacy is impacted and what legal issues arise from such activity.
Figure 1.2 Security drone.
One of the most historical legal concepts of spying is the Espionage act of 1917. This highly outdated and misused law does not fully protect those who are charged with spying. Cybercrime is not covered, security clearances are not covered, and it is consistently becoming more and more important in the realm of prosecuting criminals at the highest levels of government. It also brings to light what are the legal implications of spying on your neighbor, such as using their wireless connection, and infiltrating their home. What about the Electronic Communications Privacy Act of 1986 that prohibited the storing of certain data on others. As we will learn for decade’s, protection has been put into place to draw specific boundaries to keep privacy of citizens in check; however, this has brought about many legal challenges along the way. In this chapter and throughout the book, we will cover these legal aspects alongside the technical how to and defense tactics you need to put into place for safety and security. You will see in this book, as we progress through the chapters, and looking at how digital spying is conducted, you will find that many of the old tactics used outside of the digital realm still apply. As an example, stalking digitally can also lead to traditional stalking and vice versa. Understanding the concerns and risks of both are relevant to understanding the threat as a whole.
This does not mean that any person or team that conducts surveillance is a threat. Investigative, forensic, and security teams today conduct investigations legally and may require a warrant or some form of legal backing to conduct any type of information gathering; however, not all need to operate within these boundaries. Therefore, it’s important to understand some legal concepts when either you are the victim of these activities or, if perpetrating an attack, what you may or may not be held liable for.
Threat of digital reconnaissance and surveillance
What is at stake? Currently, much is at stake. Your privacy is at stake. Your safety could be at stake. Your identity can be stolen. You can be impacted financially. As the digital landscape grows, so does the threat exponentially. We will cover each of these in depth; however, it’s safe to say that the threat is very real and the need to understand it and protect yourself should be considered and practiced.
The threat of digital spying is also growing at a rapid rate, generationally, and more and more are creating an online footprint. As more people get mobile devices and attach to the public Internet, there are more opportunities for attackers to conduct surveillance on selected targets.
Your identity can be stolen. You finances can be impacted. Your safety can be threatened.
To understand this concept in more detail, we need to consider the size, depth, and breadth of the threat landscape.
Threat Landscape
As mentioned before, threats grow exponentially. The math is simple. As more people connected to the public Internet via a growing number of devices to include mobile phones, laptops, wearable technology, and pads, the number of possible victims also grows. The attack vector also extends.
The Internet fueled by search engines, social media, and the ability to retain all that it collects is a digital spy’s goldmine when doing reconnaissance work. Considerably, one of the biggest threats today on the Internet is in the form of search engines and social media. You can virtually learn a person’s history, what they like, their location, and who their friends and family are. You can learn where they work. You can even track their movement day by day. This is a reminder that George Orwell’s book “1984” may indeed have come to 2014 and Big Brother is watching. In fact, this book may turn you into a Winston Smith, looking for ways to evade Big Brother’s roving eye! Today’s roving eye looks more in line with the millions of cameras that can be found in stores, businesses, and home across the world as seen in Figure 1.3.
Figure 1.3 Digital surveillance camera.
Search engines are so far one of the first (and easiest) tools to use to start reconnaissance on a target. You may even attempt to safeguard your personal information or the websites you use may attempt to safeguard it; however, let’s take a look at how easy it is to gather information on a target.
In this example, we will look at the growing world of online dating. One would think that by going online and filling out a profile on a website that is marketed as safe, one could simply find and meet their perfect “match.” Before the online dating craze took hold, traditionally a person may get a “reference check” from a friend of family member about a person who may be right for them. They may meet somewhere and get to know each other, perhaps at a school, work, or a venue. They may talk on the phone and get to know each other. Today, you simply need to create an online profile and sit back and wait.
You may think it’s safe; you are not identifying yourself by last name, you may not be putting up a picture, or you may lie about who you are. But what if you were honest? What if you put a few key pieces of information up like your first name, last initial, your occupation, and the town where you reside? This is all that is needed to give a spy (or worse, a stalker) enough information to begin to track you in a search engine. For example, Rhonda K., a Horticulturist who resides in Kissimmee, Florida, may be enough to find your LinkedIn profile. Now, there is enough to begin to track more information about you. As we progress through the book, we will learn how to dig deeper and find more information; however, this is enough for now. To show you the “threat landscape” and how deep and wide it goes. Rhonda may have just been divorced and looking for a safe way to date that fit into her busy lifestyle; however, by attempting to remain anonymous while she tested the online dating waters may have exposed herself to stalking.
Social media is also another treasure trove of information. By simply infiltrating someone’s social sites, you may be able to launch attacks directly against a victim in the form of bullying, stalking, and worse, criminal behavior. With sites such as Twitter, Facebook, and Linkedin, one could conduct surveillance and reconnaissance of a target and gain information such as identity, occupation, location, movement patterns, and more.
Mobile technology has widened the threat landscape by giving each and every user of a mobile device a way to track their every movement. A stolen, hacked, or bugged phone can provide information on a user’s identity, location, movement patterns, and communication history. Digit...
Table of contents
Citation styles for Cyber Reconnaissance, Surveillance and Defense
APA 6 Citation
Shimonski, R. (2014). Cyber Reconnaissance, Surveillance and Defense ([edition unavailable]). Elsevier Science. Retrieved from https://www.perlego.com/book/1809528/cyber-reconnaissance-surveillance-and-defense-pdf (Original work published 2014)
Chicago Citation
Shimonski, Robert. (2014) 2014. Cyber Reconnaissance, Surveillance and Defense. [Edition unavailable]. Elsevier Science. https://www.perlego.com/book/1809528/cyber-reconnaissance-surveillance-and-defense-pdf.
Harvard Citation
Shimonski, R. (2014) Cyber Reconnaissance, Surveillance and Defense. [edition unavailable]. Elsevier Science. Available at: https://www.perlego.com/book/1809528/cyber-reconnaissance-surveillance-and-defense-pdf (Accessed: 15 October 2022).
MLA 7 Citation
Shimonski, Robert. Cyber Reconnaissance, Surveillance and Defense. [edition unavailable]. Elsevier Science, 2014. Web. 15 Oct. 2022.