Blackhatonomics: An Inside Look at the Economics of Cybercrime

Blackhatonomics explains the basic economic truths of the underworld of hacking, and why people devote hours to develop malware around the world. The root cause analysis of the monetization of cybersecurity in the inner circle of cybercrime is analyzed from the impact of multiple. Written by an exceptional author team, they take practical academic principles back them up with use cases and extensive interviews, placing you right into the mindset of the cyber criminal.

• Historical perspectives of the development of malware as it evolved into a viable economic endeavor
• Country specific cyber-crime analysis of the United States, China, and Russia, as well as an analysis of the impact of Globalization on cyber-crime.
• Presents the behind the scenes methods used to successfully execute financially motivated attacks in a globalized cybercrime economy.
• Provides unique insights, analysis, and useful tools for justifying corporate information security budgets.
• Provides multiple points of view, from pure research, to corporate, to academic, to law enforcement.
• Includes real world cybercrime case studies and profiles of high-profile cybercriminals.

About the Authors

Will Gragido possesses over 18 years of information security experience. A former United States Marine, Mr. Gragido began his career in the data communications information security and intelligence communities. After USMC, Mr. Gragido worked within several information security consultancy roles performing and leading red teaming, penetration testing, incident response, security assessments, ethical hacking, malware analysis and risk management program development. Mr. Gragido has worked with a variety of industry leading research organizations including International Network Services, Internet Security Systems/IBM Internet Security Systems X-Force, Damballa, Cassandra Security, HP DVLabs, and now RSA NetWitness, where he leads the RSA FirstWatch Advanced Threat Intelligence team.

Will has deep expertise and knowledge in operations, analysis, management, professional services & consultancy, pre-sale/architecture and strong desire to see the industry mature and enterprises & individuals become more secure. Will is a long-standing member of the ISC2, ISACA, and ISSA. Mr.Gragido holds the CISSP and CISA certifications, as well as accreditations in the National Security Agency's Information Security Assessment Methodology (IAM) and Information Security Evaluation Methodology (IEM). Additionally, Mr.Gragido is a Faculty Member of the IANS Institute where he specializes in advanced threat, botnet, and malware analysis. Mr.Gragido is a graduate of DePaul University and is currently preparing for graduate school. An internationally sought after speaker, Will is the co-author of Cybercrime and Espionage: An Analysis of Subversive Multi-Vector Threats.

Daniel J. Molina (CISSP) is Senior Regional Director for ELAM (Emerging Latin American Markets) in Kaspersky Lab. In this position, he serves as a managing director for the region, inclusive of sales, marketing, channel development, engineering and support.

Mr. Molina is considered a thought leader in the area of information security, and has been called to speak on issues such as the state of the security industry, "Security Best Practices", "The Business Aspects to Information Security", "Operational Efficiency in IT Security" and "The Myth of ROI in Security", and "Capabilities Maturity Models in Security" at various industry forums worldwide. His view on security maturity has made him a sought-after resource to help explain and justify, in business terms, what users, businesses, and government entities require.

Daniel was previously Channel Sales Director for Latin America and the Caribbean at Kaspersky Lab, and first joined as part of the Field Marketing team for part of the United States.

In his previous role as Director of Advanced Solutions, and as a Security Evangelist for McAfee, Mr. Molina provided a voice to the McAfee Risk Management Process, and assists in complex and strategic opportunities for McAfee customers. He has also created curriculums, and provided training to multiple partners on Security Intelligence, and Anomaly Detection and Behavioral Forecasting models for security.

Daniel has extensive experience in enterprise security architecture design, internetworking, LAN/WAN implementation and project and team management. In addition to his role at McAfee, Daniel spent several years as a Principal Systems Architect for Q1 Labs, Solution Architect for Internet Security Systems and as an Enterprise Consultant with Entex Information Services overseeing infrastructure and Y2K project implementations for companies such as GTE, Nextel, and The Coca-Cola Company.

Daniel's background includes several years as a systems specialist and administrator with enterprise and carrier environments. Along with numerous industry and technology-specific certifications, Daniel holds the following designations: CISSP, CBS, CCSA, CCSE, MCSE+I, and others.

Daniel studied Political Science and Psychology at the University of Southern California and Economics at the University of Texas, Arlington.

John Pirc recently co-authored Cyber Crime and Espionage, published in February 2011. He has more than 15 years of experience in Security R&D, worldwide security product management, marketing, testing, forensics, consulting, and critical infrastructure architecting and deployment. Additionally, John is an advisor to HP's CISO on Cyber Security and lectured at the US Naval Post Graduate School.

John extensive expertise in the Security field stems from past work experience with the Central Intelligence Agency in Cyber Security, as Chief Technology Officer at CSG LTD, Product Manager at Cisco, Product Line Executive for all security products at IBM Internet Security Systems, Director at McAfee's Network Defense Business Unit and currently the Director of Product Management at HP Enterprise Security Products leading the strategy for the organization's next generation security platforms.

In addition to a BBA from the University of Texas, John also holds the NSA-IAM and CEH certifications. He has been named security thought leader from SANS Institute and speaks at top tier security conferences worldwide and is most recently published in Forbes on Social Media security.

Nick Selby has been an information security analyst and consultant for more than a decade, and has worked in physical security and intelligence consulting in various roles since 1993. In 2005 he established the information security practice at industry analyst firm The 451 Group, where he conducted in-depth technical briefings and consulted more than 1000 technology vendors. Nick has consulted hundreds of venture-backed startups on understanding their competitive landscape, on product development and feature enhancements, user interface and security. He has consulted US and European governments, more than 80 investment banks, more than 20 venture capital firms; on the investment side, to better understand the technology and landscape of the companies into which they invested, and on the operations side on securing their intellectual property and processes. In 2007 he was appointed VP of Research Operations at 451, where he managed more than 35 technology analysts, developing analysis products and technologies to leverage their insights. Since 2006 Selby has served on the faculty of IANS Research. His work consulting F500 companies on data theft and industrial espionage has placed him at the leading edge of firms helping those under attack by adaptive, persistent adversaries, and he is experienced at managing attacks and architecting recovery networks.

Since 2008 he has focused on law enforcement intelligence, and he works parttime as a sworn police officer in the Dallas-Fort Worth Metroplex, investigating cyber crime. He teaches continuing legal education on cyber crime for prosecutors in one of the country's largest jurisdictions, and writes the TechTalk column for Law Officer Magazine. He is the CEO of StreetCred Software, which produces software that helps law enforcement serve fugitive arrest warrants through predictive intelligence.