Cybercrime and Espionage and over 2 million other books are available for Amazon Kindle . Learn more
  • RRP: £36.99
  • You Save: £12.95 (35%)
FREE Delivery in the UK.
Only 10 left in stock (more on the way).
Dispatched from and sold by Amazon.
Gift-wrap available.
Cybercrime and Espionage:... has been added to your Basket
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats Paperback – 7 Mar 2011

1 customer review

See all 3 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
£14.00 £18.52
£24.04 FREE Delivery in the UK. Only 10 left in stock (more on the way). Dispatched from and sold by Amazon. Gift-wrap available.

Special Offers and Product Promotions

  • Win a £5,000 Gift Card for your child's school by voting for their favourite book. Learn more.
  • Prepare for the summer with our pick of the best selection for children (ages 0 - 12) across

Frequently Bought Together

Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats + How to Research (Open Up Study Skills)
Price For Both: £44.93

Buy the selected items together

Win a £5,000 Gift Card and 30 Kindle E-readers for your child or pupil's school.
Vote for your child or pupil(s) favourite book(s) here to be in with a chance to win.

Product details

  • Paperback: 272 pages
  • Publisher: Syngress (7 Mar. 2011)
  • Language: English
  • ISBN-10: 1597496138
  • ISBN-13: 978-1597496131
  • Product Dimensions: 1.9 x 20.3 x 24.8 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: 667,752 in Books (See Top 100 in Books)

More About the Authors

Discover books, learn about writers, and more.

Product Description


"Risks have evolved. We haven't. While we stabilize toward checkbox compliance, adversaries and IT accelerate onward. Adversaries know you're compliant - and do not care - they're counting on it. Let's replace faith-based dogma with intellectual honesty. As fellow Cassandras, Will and John confront you with modern threat models and challenge you to adapt".

-Joshua Corman, Research Director for Enterprise Security, The 451 Group

"During 2010 three specific names signaled a fundamental shift in the risks that come from dealing in an interconnected world: Project Aurora, Stuxnet, and Wikileaks. This book provides the insights of an intelligence analyst on what got us to this point, and forecasts what information security professionals will be dealing with in the near future".

-James Turner, Advisor, IBRS

"Cybercrime and Espionage was probably the most comprehensive and relevant book on the cyber security landscape written to date. The authors captured the true essence of the methods and cyber trade craft backed with use case after use case. I find this book a must have for any security professional or executive that has the responsibility for ensuring the protection of their corporate infrastructure."

-Alan Kessler VP & GM HP Networking Security Products Group/TippingPoint

--Joshua Corman, Research Director for Enterprise Security, The 451 Group

About the Author

As former United States Marine, Mr.Gragido began his career in the data communications information security and intelligence space. Mr.Gragido is a seasoned information security and risk management professional with over 15 year's professional industry experience and brings a wealth of knowledge and experience to bear. Working in a variety of roles, Will has deep expertise and knowledge in operations, analysis, management, professional services & consultancy, pre-sales / architecture and business development within the information security industry. Will is a long-standing member of the ISC2, ISACA, and ISSA. Mr.Gragido holds the CISSP and CISA certifications, as well as accreditations in the National Security Agency's Information Security Assessment Methodology (IAM) and Information Security Evaluation Methodology (IEM).

John has more than 10+ years of hands on security experience in security research, worldwide product management/development, security IV&V testing, forensics, and architecting/deploying enterprise wide security solutions for both public and private organizations worldwide. John has worked for the Central Intelligence Agency, Computer Systems Group LTD, Cisco Systems, IBM and McAfee. In addition to a BBA in Information Systems from the University of Texas, John also holds the NSA Information Assurance Methodology and Certified Ethical Hacker certifications. John was recently named security thought leader from SANS Institute and advisory board member of SANS Execubytes publication.

Inside This Book

(Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

Customer Reviews

5.0 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See the customer review
Share your thoughts with other customers

Most Helpful Customer Reviews

By estelle marks on 29 April 2015
Format: Paperback Verified Purchase
my partner loved this book
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Helpful Customer Reviews on (beta) 7 reviews
6 of 6 people found the following review helpful
highly recommend this book 1 May 2011
By Scott A Otocki - Published on
Format: Paperback Verified Purchase
The book "Cybercrime and Espionage" by Will Gragido and John Pirc was written by two experienced Information Security Professionals who bring to the table a macroscopic approach to mitigating risks in today's evolving threat landscape.
The intended audience could appeal to historians, regular internet users, and anyone interested in the methods and motivations of cybercriminals and cyber espionage operators. These methods come to life with the author's use of case studies. For example Danielle Duann, a former IT manager who was sentenced 3 years of supervised release and $94,000 in restitution for destroying organ donation records after being fired from her job. Her method of access was creating a fake vpn user account. Moral of the story is a cybercriminal's motive could be revenge as opposed to profit. Also, a security professional must implement regular audits of user accounts, paying special attention to super users like Danielle.
I enjoyed Chapter 11 - Hiding in plain sight: Next generation techniques' and tools for avoidance and obfuscation. In it, the authors discuss techniques on how to bypass security hardware/software controls with publically available free tools. Websites like provide quality assurance testing for malware by running the file through AV vendor engines which report back any positives. IP spoofing methods: "The Onion Router" TOR, allows you to route your traffic through multiple nodes all over the world which encrypt the source ip as it passes through each node.
The author's stress how and why methods are becoming more sophisticated. Mainly because criminals choose the less risky method of stealing credit card numbers as opposed to going in and robbing a bank.
There is a growing need for more than the standard firewall, intrusion detection system and antivirus. A solution the authors mention is Advanced Meta-Network Security Analysis for deep packet inspection and a better understanding of what's happening on a network.
Overall I enjoyed the book. There are not enough good information security books that cover the history of espionage, cybercriminal methods and motives, and manage to keep the information contemporary and fun to read. I would highly recommend this book.
7 of 7 people found the following review helpful
They Had Me At Cicero 2 April 2011
By Eric Huber - Published on
Format: Kindle Edition Verified Purchase
This is an amazingly thoughtful and well researched book that provides a comprehensive and approachable overview of the world of crime and espionage as it pertains to the electronic world. If you don't have a background in intelligence and espionage matters, this is a great book that will get you up to speed in a manner that you can use in your day to day working life. The authors go out of their way to educate the reader in a broad manner about the world of intelligence. For example, they spend a considerable amount of time delving into the physical world of espionage and using that as a tool to teach readers about basic concepts and how they apply to the electronic world.

As an amateur historian, one of the things that appealed to me about this book is the attention to detail and depth that the authors go into in providing historical context for the world of crime and espionage. They make excellent use of historical figures such as Cicero, Seneca, Hammurabi, and Sun Tzu. Because human nature does not change, neither does the usefulness of learning from the examples and philosophy of historical figures such as these when trying to understand the modern world.

This work provides a solid philosophical underpinning for understanding the fundamentals of the modern world of cybercrime and espionage. It provides exceptional clarity for the events of the day by using the past to bring current events into focus. APT (Advanced Persistent Threat), for example, is a key element of this book. The authors discuss this issue using the lens of history while tapping modern events and researchers to explain the current state of affairs.

The book's eighth chapter provides an excellent example of how the authors blend history and current affairs to explain a point. This chapter is entitled "The Rise of the Subversive Multivector Threat" and begins with a lengthy explanation of Sun Tzu's The Art of War and how it pertains to thinking about issues such as the modern world of espionage. The chapter then moves into a discussion about current statistics show that unlawful activity in the electronic world is increasing. The chapter begins to define just what is a SMT (Subversive Multivector Threat) by talking about some legal issues pertaining to economic espionage and providing some modern day examples of espionage activity. The chapter also discusses the history of the term APT which includes a discussion of Richard Bejtlich's work in this area. The authors ultimately disagree with Bejtlich's definition even though they respect it. Their SMT definition is broader than APT. They explain that a SMT might involve APT, but it's not just limited to it. It is that broader SMT definition that they explain in the rest of the chapter.

It's early in the year as I write this review, but it's entirely possible that this could be the best information security book that I'll read in 2011. It's very thorough, thoughtful, and well written. Reasonable people can and almost certainly will disagree and debate the author's conclusions, but that's all the more reason to read this book.
2 of 2 people found the following review helpful
Solid introduction to an all too real world 11 Nov. 2011
By montblanc - Published on
Format: Paperback
I read this book with a critical eye knowing that it's title evokes a lot of skepticism and questions. I was pleasantly surprised to see the direction the authors had elected to take the book. It was very clear to me that they were targeting a wide audience, one which comprised the schooled and unschooled, in an attempt to introduce complex concepts and ideas. I was impressed by the detail and time put into the chapters. I found the emphasis on human intelligence extremely compelling and believe that the authors did a great job in establishing ties which bind the concepts clearly. Unlike other reviewers I didn't read or anticipate more than what the book or it's jacket implied. It's clear to me that the authors were setting the stage for future works; works that would provide and included more specific detailed analysis of individual attacks, operations and compromises. I'd like to see more of this in a second edition. I think the this book provides an excellent introduction into a world which many are simply ignorant of or choose to ignore.
3 of 5 people found the following review helpful
Excellent information from the experts 2 Mar. 2011
By gka - Published on
Format: Paperback
This book provides a very good overview of the state of cybercrime in the world today. It is pretty obvious that the authors are experts in the field and make their living by helping large corporations secure their assets. Their observations and recommendations obviously come from their work keeping us safe from the bad guys. I was somewhat shocked at how massive the cyber threat really is and how sophisticated the attacks are becoming and that this is big business. Fortunately this book discussed some of the most current trends and techniques being employeed to combat the growing threat. Sometimes these topics can be somewhat dry but the authors keep it interesting and it makes for a good read. I highly recommend it.
8 of 15 people found the following review helpful
This is very lightweight and poorly written 6 Aug. 2011
By Richard L. Rankin - Published on
Format: Paperback Verified Purchase
Julius and Ethel Rosenberg? Aldrich Ames? Most of this book has nothing to do with cyber anything. Pages of pictures of insignia, arm patches and organization charts of various government agencies. Why would any reasonably knowledgable person find that useful? There's an entire page with the alphabets and pronunciation of classical Attic Greek, Archaic Etruscan and Hebrew. And I don't know why! This book is hodge-podge of stuff everyone I know already knows except perhaps the pronunciation of the Etruscan alphabet. This is a total waste of money. Skim it in a bookstore if you don't believe me.
Were these reviews helpful? Let us know