Enemy at the Water Cooler - Real-Life Stories of Insider Threats & Enterprise Security Management Countermeasures


Document information

[...]... the target of a Denial-of-service (DoS) attack. These threats haven’t gone away, but new threats and theoretical threats have entered the mix—Blended Threats, Warhol Worms, Flash Threats, and Targeted Attacks. These newer threats do more damage and are more costly to the victims than their predecessors were. Blended Threats use multiple paths to propagate; paths such as e-mail, file sharing, and the web... keep the identities of the individuals and organizations anonymous. The content is based either on my direct involvement in the incident or on my involvement with the organizations after the fact. In some cases I was able to have conversations with the actual insiders. Each case discusses the insider, the organization, the attack, and the countermeasures the organization employed. I’ve used a cross-section... all of these issues, the emphasis is on Enterprise Security Management (ESM) software solutions. More specifically, it discusses how ESM can be used to address the most difficult-to-manage and costly of all threats: the insider. Audience. The audience for this book is diverse because those impacted by insiders are also diverse. For those not familiar with insider threats, it will provide a strong foundation... said to date back to the early 1800s when a gentleman by the name of Joseph Jacquard developed an automated means of weaving for the textile industry. This automation solution was, in fact, the forerunner to the computer punch card. Several employees at the facility were afraid that they were about to lose their jobs. Therefore they sabotaged the technology. Interestingly, we may then say that the first...
sorts of bad guys are out there trying to breach our networks, deface our Web sites, and disrupt the operation of our network services. However, until recently, we have mostly paid attention to the out there part of that last sentence. We have assumed that the main threat is from people we have never seen, people who are operating safely out of reach on the other side of the world. Or maybe we think the... cross-section of stories from various countries and business verticals to demonstrate how the manifestations of insider threats and countermeasures differ from one another. The end result is an eclectic grouping of business process, technology, and human behavior. To help illustrate some of the concepts, I have included several diagrams and screen shots. Some of the screen shots are from ArcSight’s ESM software. The... to spread. That was true until Code Red and Nimda were released, and then the industry saw attacks propagating in just hours. These events were a wakeup call for organizations that didn’t have the appropriate patches or countermeasures in place. The vulnerability in Microsoft IIS that Code Red exploited was discovered on June 18th 2001. Within the following forty-eight hours, Microsoft had a patch available... and encrypted communication such as Secure Shell (SSH). Within the Tor community of hundreds of thousands of users, communications are distributed among several non-logging onion routers which are actually servers within the community that act as relays without keeping a history of the source or destination. The entire path of communication, from the original source to the destination, remains hidden...
in the information technology security sector since 1990. Currently, he is the owner of SecurityBreachResponse.com and is the Chief Information Security Officer for Securit-e-Doc, Inc. Before starting this position, he was Vice President of Technical Operations at Intelliswitch, Inc., where he supervised an international telecommunications and Internet service provider network. Dave is a recognized security... on-line on identity information, account information, and the like. The private off-line servers are more exclusive and harder to find. These servers generally take the form of bulletin board systems that invite individuals to dial-in and participate. While this type of criminal behavior can be hard to track, the collection of actual money can make the criminals vulnerable. If they use any mainstream financial . organizations, the general public and the media, consequently most security resources are focused to counter them. Enemy at the Water Cooler focuses on the often-overlooked area of information security the. security-focused, I’ve had the pleasure to work with some of the brightest people in some of the most fascinating organizations I could have ever imagined. Enemy at the Water Cooler and the stories. constructed set of defenses requires that the entire corporation or agency become involved in defining the threats and knowing how to spot them in the business processes. Enemy at the Water Cooler is

Date posted: 25/03/2014, 11:14

Table of contents

  • Enemy at the Water Cooler

    • Contents

    • Foreword

    • Introduction

    • Part I Background on Cyber Crime, Insider Threats, and ESM

      • Chapter 1 Cyber Crime and Cyber Criminals 101

        • About This Chapter

        • Computer Dependence and Internet Growth

        • Motivations for Cyber Criminal Activity

        • Black Markets

        • Hackers

        • Script Kiddies

        • Solitary Cyber Criminals and Exploit Writers for Hire

        • Organized Crime

        • Identity Thieves (Impersonation Fraudsters)

        • Competitors

        • Activist Groups, Nation-State Threats, and Terrorists

        • Insiders

        • Tools of the Trade

      • Chapter 2 Insider Threats

        • Understanding Who the Insider Is

        • Psychology of Insider Identification

        • Insider Threat Examples from the Media

        • Insider Threats from a Human Perspective
