IT security classic,
Verified Purchase(What is this?)
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
Although a somewhat old book now at 8 years old, both the author and publication are well known subjects in the security world. No matter your opinion of the author who has collated the stories from various black hat sources (and who himself famously spent time in incarceration prior to this for IT systems penetration) it's worthwhile to read the publication in order to 'know your enemy' as Sun Tzu would have advised.
Since it's a collection of what appear to be true stories of penetrations of organisations systems, it's a welcome break from drier more technical publications that you might be used to as revision reference and similar. The book features less on technical procedures, checklists and exact tools/procedures and facts and more on the process and social engineering behind real world penetration attacks against the IT industry - as such the book ages well and is still insightful despite the age.
It feels like the majority of stories revolve around the attackers finding overlooked small flaws in a sites security, and then spending time turning this single flaw into a larger penetration, growing in depth of compromise over time. This is quite a contrast to the usual mainstream view of a single flaw causing the compromise of an organisation - the book implies that it's more likely a string of flaws, each on its own not a great issue (and probably existing due to lack of staff time or knowledge) but when combined they provide an attacker with a route in.
The story of the attacker who spends a year breaking into a company also challenges the traditional view of attackers that compromise a system, cause damage or send as much spam as possible until detected and then the issue is fixed by the IT staff. Instead the attacker gets access and spends time slowly moving through the network to get to the desired systems (in this case a source code repository).
Another eye opener is the scorn the attackers repeatedly give towards systems when the systems administrators dont take action against persistent obvious attacks. It's hard to read the book and not come away thinking that perhaps it really is time to cure the false positives coming from the organisations intrusion detection system and pay some real attention to configuring it. You think of your own organisations systems, and the minor outstanding security measures you've been meaning to spend time on but other tasks took priory. It's a healthy kick in the posterior to pay attention to both due care in setting up security prevention and detection systems and due diligence in monitoring the resulting logs (and taking action when necessary).
The book is an IT security classic which ages well in terms of technical content (due to the discussion of timeless subjects such as social engineering rather than software versions) and should be required reading for IT professionals, especially those who might be feeling that their IT security is impenetrable.