The Art of Attack. Maxie Reynolds
Чтение книги онлайн.
Читать онлайн книгу The Art of Attack - Maxie Reynolds страница 7
Название: The Art of Attack
Автор: Maxie Reynolds
Издательство: John Wiley & Sons Limited
Жанр: Зарубежная компьютерная литература
isbn: 9781119805472
isbn:
However, because I will look at the attacker mindset through the lens of a security professional, this book is first and foremost intended for those who wish to partake in a modern battle of stress testing and ethics: security professionals. Ethics and morals will come into play quite a bit. Knowing how to portray the bad actors is not the same as actually becoming them. The line that separates us from them is the line of ethics.
There's also a case to be made that says ordinary individuals can benefit from learning about AMs. Awareness of how this mindset might present itself can prove pivotal in assessing whether an attack is being mounted against you and what to do if it is. Because of this, my aim for The Art of Attack is for it to be useful for the general public, too.
Finally, every chapter in this book, every paragraph, every sentence, has the capacity to offend or irk someone. Those with a detailed military background will need all of their patience to forgive what cannot be known about warfare recon without having been in the thick of it; those who guard the realm of the ethical hacker will need to find a way to subside their rage given this book speaks as directly to malicious attackers as it does ethical. Alas, I cannot control who reads this and what they do with the information within it. For those very sensitive or pedantic, putting the word ethical before the word attacker will not make what I say in this book invisible to any malicious actors reading it. To subside this rage, all I can offer is this: as a society increasingly in need of effective security measures, focusing on the need to better understand attacks and attackers is prudent. Understanding how and why an attacker performs is one thing—and it's important. But being able to think like them, looking at ourselves through their eyes, we become more powerful, more dominant, and far safer.
My final sentiments are a cloned copy of Tai T'ung, who, in the 13th century said of his book, History of Chinese Writing: “Were I to wait perfection, my book would never be finished.” Of course, I am not writing a history of the attacker mindset. I am setting out to show the full breadth of it and its modern-day uses and functions.
What This Book Covers
The idea behind this book is to document and teach the attacker mindset, without taking individualism and obliterating it.
Different strengths will have to be played to by all of us who use this book to build an attacker mindset and execute attacks. Nonetheless, I'll pick apart the attacker mindset so that we can find the commonalties and still leave room for each of us to apply our own personal brand to it.
The greatest and sharpest attackers are trained to see opportunities in the moment, and there's no way for this book to list the infinite opportunities an (ethical or otherwise) attacker might come across out in the field. But what it will teach is this: how to form the attacker mindset and how to apply it.
In the name of ethics, the final part of this book will explore the “tells” of an attack and what businesses, organizations, and institutions can and should do pre- and post-attack to protect themselves.
Finally, the end goal of the attack, after you've sprinted 18 flights of stairs, hidden under desks, been wedged in between two 20-foot containers, sweated the foundation off your thumb tattoos (all fun stories for later), and handed in the report, is to leave each company, boardroom, and client stronger for having employed you. It's almost all that separates us from the bad guys.
Here we go. Enjoy.
Chapter 1 What Is the Attacker Mindset?
War is 90 percent information.
—Napoleon Bonaparte
It is 5 a.m., and I still have an hour before I meet my team. I've been up for the last hour going over plans because this is how I always start my attacks: with a niggling amount of nervous energy, I pace the floor of my hotel room, playing a game of mental chess in my mind. I go over my initial approach, consider my possible moves if I do get past security, and then again if I don't, I start to wonder How will I pivot? The game of mental chess carries on. This is the most efficient and successful way I have found to hone my mental agility.
From this thought I dive into a myriad of others, imagining new ways I might get into the building, new ways to escalate my privileges and deepen my foothold after my initial breach, whether that starts in the basement or the lobby. If someone happens to ask me why I am in the basement, could I say I got in the wrong elevator from the parking garage and ask for help…?
I visualize the layout of the building internally—another luxury afforded by solid open source intelligence (OSINT) findings—and use faceless silhouettes to represent staff I might pass along the way. Sometimes I imagine them asking me questions; sometimes I imagine myself just nodding at them in silent acknowledgment. After all, the largest component of executing an artful attack lies in the attacker's ability to adapt to the people and surroundings in which they find themselves, even when those things are brand-new.
I continue to walk myself through it all a few times, picturing different obstacles: Would it be better just to tailgate, or should I walk in front of the building declaring myself a visitor? I imagine the payoffs of each and weigh them. Working the visitor system should give me almost unfettered access for the day, but it's a high-risk move, I tell myself, whereas tailgating in through a less visible entrance leaves me at the mercy of sloppy, albeit well-intentioned, employees holding any one of hundreds of fire and security doors open for me… . Taking a moment, I come to a conclusion: No, stick with the A-plan: go to security and get access, I tell myself.
The whole time I'm performing this mental pre-attack ritual, I am reminding myself of the same things over and over: get in, get the flags, never let them know you're a threat, and stay within scope. In my mind I am always making my way to the 38th floor, and I am always mentally preempting the challenges I'll face as I try to walk into the CFO's office and place a USB drive into their computer port. That's my job. And, although I like to warm up by running as many possibilities through my mind as I can come up with, I have yet to predict obstacles and pivots correctly even once in my career. That is irrelevant, though—the mental warm-up is what I need—it induces the power of thinking on my feet and knowing I've learned from prior failures and successes.
I soon start to focus on making sure I've disguised myself as a threat. I've based my pretext off the OSINT I've found so far. For this bank job, I am a lawyer here to help wrap up the mergers and acquisitions deal that was all over the news only weeks ago, albeit without much context. It took a lot of searches and piecing together information to choose the nuance of this pretext; I am not just any lawyer, but a lawyer who is now needed to help the deal over the final few hurdles, equipped with an abundance of paperwork—my prop and my seeming legitimacy. And, unless the security guards happen to be a team of lawyers, I won't be found out by the typical questions people ask a lawyer: What are you here for? What firm do you work for? How long have you been practicing, what school did you go to? Do you know how I can get out of a parking ticket? I call these my pretext layers, and depending on the job, I might need to go many layers deep, to the point I need to know much more than you might expect, from common jargon to how a piece of machinery works.
The СКАЧАТЬ