Cyberjutsu: Cybersecurity for the Modern Ninja
- 4h 6m
- Ben McCarty
- No Starch Press
- 2021
Cyberjutsu is a practical cybersecurity field guide based on the techniques, tactics, and procedures of the ancient ninja. Cyber warfare specialist Ben McCarty’s analysis of declassified Japanese scrolls will show how you can apply ninja methods to combat today’s security challenges like information warfare, deceptive infiltration, espionage, and zero-day attacks
Learn how to use key ninja techniques to find gaps in a target’s defense, strike where the enemy is negligent, master the art of invisibility, and more. McCarty outlines specific, in-depth security mitigations such as fending off social engineering attacks by being present with “the correct mind,” mapping your network like an adversary to prevent breaches, and leveraging ninja-like traps to protect your systems.
You'll also learn how to:
- Use threat modeling to reveal network vulnerabilities
- Identify insider threats in your organization
- Deploy countermeasures like network sensors, time-based controls, air gaps, and authentication protocols
- Guard against malware command and-control servers
- Detect attackers, prevent supply-chain attacks, and counter zero-day exploits
Cyberjutsu is the playbook that every modern cybersecurity professional needs to channel their inner ninja. Turn to the old ways to combat the latest cyber threats and stay one step ahead of your adversaries.
About the Author
Ben McCarty is a cyber security specialist and former NSA developer. He served in the US Army's Network Warfare Battalion and became the first fully qualified cyber warfare specialist (35Q) in US Army history. He is currently a quantum security researcher in the Washington, DC, area.
In this Book
-
Foreword
-
Introduction
-
Mapping Networks: With These Maps, the General can Consider How to Defend and Attack a Castle
-
Guarding with Special Care: Even Castles with Strong Fortifications should Be Guarded, Paying Particular attention to the Recessed Corners
-
Xenophobic Security: If You accept Strangers without Much Thought, the Enemy Shinobi May Come in Disguised as a Stranger and Seek Information from the inside
-
Identification Challenge: Though There are Ancient Ways for Identifying Marks, Passwords, and Certificates, Unless You Invent New Ones and Rotate Them, the Enemy Will Manage to Infiltrate by Having Similar Fake Ones
-
Double-Sealed Password: Sometimes, a Set of Signs Such as Pinching the Nose or Holding the Ear should Be Used with These Passwords
-
Hours of Infiltration: After Waiting until the Hour of Ox, the Ninja Realized That the Guard Had Fallen Asleep; Everything was Dead Quiet, and the Fire was Out Leaving all in Darkness
-
Access to Time: You should Start Your Attack with no Delay and Not Prematurely but Perfectly on Time
-
Tools: Remember, If You use a Ninja Tool, be Sure to use it When the Wind is Whistling so as to Hide any Sound and Always Retrieve it
-
Sensors: Whether Day or Night, Scouts for a Far-Distance Observation should Be Sent Out
-
Bridges and Ladders: There Will Be no Wall or Moat That You Cannot Pass, no Matter How High or Steep it is, Particularly if You use a Ninja Ladder
-
Locks: There is no Padlock That You Cannot Open. However, This all Depends on How Skilled You Are; Therefore, You should Always Get Hands-On Practice
-
Moon on the Water: After Making an Agreement with Your Lord, You should Lure the Enemy Out with Bait to Infiltrate Their Defenses
-
Worm Agent: Make a Minomushi, or Worm Agent (Aka Insider Threat), Out of an Enemy
-
Ghost on the Moon: According to Japanese Legend, if You Knew How to Seek the Ghost Who Tends Trees on the Moon, he Could Invite You to the Moon to Eat the Leaves of His Tree, Making You Invisible
-
The Art of the Fireflies: The Art of Fireflies should be Performed Only after you Know Everything about the Enemy in Great Detail so That You can Construct Your Deception in Accordance with the Target's Mindset
-
Live Capture: Use Good Judgment to Determine Whether the Target is Actually Inattentive or Whether They are Employing a Ruse to Lure Ninjas and Capture Them
-
Fire Attack: First, it is Easy to Set Fires; Second, it is Not Easy for the Enemy to Put Out the Fire; and Third, if Your Allies are Coming to Attack the Castle at the Same Time, the Enemy will Lose any Advantage as the Fortifications will Be
-
Covert Communication: When a Shinobi is Going to Communicate with the General after he has Gotten into the Enemy's Castle, the Shinobi Needs to Let His Allies Know Where he is. It is Essential to Arrange for the Time and Place to Do This
-
Call Signs: When You Steal in, the First Thing You should do is Mark the Route, Showing Allies the Exit and How to Escape
-
Light, Noise, and Litter Discipline: The Traditions of the Ancient Shinobi Say You should Lock the Doors before You Have a Look at the Enemy with Fire
-
Circumstances of Infiltration: You should Infiltrate at the Exact Moment That the Enemy Moves and not Try When They do not Move—This is a Way of Principled People
-
Zero-Days: A Secret Will Work if it is Kept; You Will Lose if Words are Given Away
-
Hiring Shinobi: In Order to Defend against Enemy Plans or Shinobi, or Should an Emergency Arise, You May Think it More Desirable to have a Large Number of People. However, You should Not Hire More People into Your Army without Careful Consideration
-
Guardhouse Behavior: Do Not let Your Guard Down, Even if You are Not Confronting the Enemy
-
Zero-Trust Threat Management: If You Enter a Room from the Rear and if There is Someone in the Room who is Not Asleep, Then They Will not Suspect You as an Intruder. It is Because Those who Come from the Rear are not Considered Possible Thieves or Assailants
-
Shinobi Tradecraft: Secret Techniques to Infiltrate without Fail are Deceptive, and They are Varied and Flexible and are Done According to Opportunity. Thus, as a Basis, You Should Embrace the Old Ways of the Shinobi Who Served under Ancient Great Generals, but Remember not Only to Keep to These Ways but to Adapt Them, Each Dependent on the Situation and the Moment
-
Endnotes
YOU MIGHT ALSO LIKE
