Edition:
Authors: Ben McCarty
Series:
ISBN: 1718500548, 9781718500549
Publisher: No Starch Press
Year of publication: 2021
Number of pages: 264 [248]
Language: English
File format: PDF (converted to PDF, EPUB, or AZW3 on user request)
File size: 5 Mb
Note that Cyberjutsu: Cybersecurity for the Modern Ninja is the original-language edition and is not a Persian translation. The International Library website offers original-language books and does not offer any books translated into or written in Persian.
Like Sun Tzu's Art of War for Modern Business, this book uses ancient ninja scrolls as the foundation for teaching readers about cyber-warfare, espionage and security. Cyberjutsu presents a practical cybersecurity field guide based on the techniques, tactics, and procedures (TTPs) of the ancient ninja. Author Ben McCarty, a cyber warfare specialist and former NSA developer, analyzes once-secret Japanese scrolls, drawing parallels to modern infosec concepts to provide unique insights on defensive and offensive security. He translates the training methodologies of Japan’s most notorious covert agents—history’s first advanced persistent threat (APT)—into highly effective practices for countering information warfare, espionage, supply-chain attacks, zero-day exploits, and more. Each chapter examines one TTP in detail—like assessing gaps in a target’s defense, striking where the enemy is negligent, and mastering the art of invisibility—and explains what the concept can teach us about the current cybersecurity landscape. McCarty recommends in-depth mitigations and security controls, mapped to the NIST 800-53 standard, and a “Castle Theory Thought Exercise” that helps you apply the ancient lesson to protect your castle (network) from enemy ninja (cyber threat actors). You’ll discover the effectiveness of ancient social engineering strategies and trap-based security controls; see why mapping your network like an adversary gives you the advantage; and apply lessons from old-world tools, like the “ninja ladder,” to prevent attacks. 
Topics also include:
• Threat modeling, threat intelligence, and targeted controls
• Countermeasures like network sensors, time-based controls, airgaps, and improved authentication protocols
• Profiles of insider threats, and ways to recognize them in employees
• Covert communication TTPs and their implications for malware command and control (C2)
• Methods for detecting attackers, preventing supply-chain attacks, and defending against zero-day exploits
In this book, you’ll see the astonishing power of ninja information-gathering processes—and how adopting them just might be the key to innovating contemporary cybersecurity models.
About the Author; Brief Contents; Contents in Detail; Foreword; Acknowledgments
Introduction: About This Book; A Note on the Castle Theory Thought Exercises; For Future Use; A Ninja Primer; The Historical Ninja; The Ninja Scrolls; Ninja Philosophy; Ninja Techniques

1: Mapping Networks
With these maps, the general can consider how to defend and attack a castle.
Understanding Network Maps; Collecting Intelligence Undetected; Creating Your Map; Recommended Security Controls and Mitigations; Debrief

2: Guarding with Special Care
Even castles with strong fortifications should be guarded, paying particular attention to the recessed corners.
Understanding Attack Vectors; The Concept of Guarding; Guarding Within a Cybersecurity Framework; Threat Modeling; Using Threat Modeling to Find Potential Attack Vectors; Recommended Security Controls and Mitigations; Debrief

3: Xenophobic Security
If you accept strangers without much thought, the enemy shinobi may come in disguised as a stranger and seek information from the inside.
Understanding Anti-Privilege; The Problem with Interoperability and Universal Standards; Developing Unique Characteristics for Your Environment; Recommended Security Controls and Mitigations; Debrief

4: Identification Challenge
Though there are ancient ways for identifying marks, passwords, and certificates, unless you invent new ones and rotate them, the enemy will manage to infiltrate by having similar fake ones.
Understanding Authentication; Developing Matched-Pair Authenticators; Recommended Security Controls and Mitigations; Debrief

5: Double-Sealed Password
Sometimes, a set of signs such as pinching the nose or holding the ear should be used with these passwords.
A Concealed 2-Step Authentication; Developing Double-Sealed Passwords; Recommended Security Controls and Mitigations; Debrief

6: Hours of Infiltration
After waiting until the hour of Ox, the ninja realized that the guard had fallen asleep; everything was dead quiet, and the fire was out leaving all in darkness.
Understanding Time and Opportunities; Developing Time-Based Security Controls and Anomaly Detectors; Recommended Security Controls and Mitigations; Debrief

7: Access to Time
You should start your attack with no delay and not prematurely but perfectly on time.
The Importance of Time; Keeping Time Confidential; Determine Your Baseline; Assess Technical Capability; Establish Policy; Recommended Security Controls and Mitigations; Debrief

8: Tools
Remember, if you use a ninja tool, be sure to use it when the wind is whistling so as to hide any sound and always retrieve it.
Living Off the Land; Securing Tools; Recommended Security Controls and Mitigations; Debrief

9: Sensors
Whether day or night, scouts for a far-distance observation should be sent out.
Identifying and Detecting Threats with Sensors; Better Sensors; Recommended Security Controls and Mitigations; Debrief

10: Bridges and Ladders
There will be no wall or moat that you cannot pass, no matter how high or steep it is, particularly if you use a ninja ladder.
Network Boundary Bridging; Countering Bridges; Recommended Security Controls and Mitigations; Debrief

11: Locks
There is no padlock that you cannot open. However, this all depends on how skilled you are; therefore, you should always get hands-on practice.
Physical Security; Improving Locks; Recommended Security Controls and Mitigations; Debrief

12: Moon on the Water
After making an agreement with your lord, you should lure the enemy out with bait to infiltrate their defenses.
Social Engineering; Defenses Against Social Engineering; Recommended Security Controls and Mitigations; Debrief

13: Worm Agent
Make a minomushi, or worm agent (aka insider threat), out of an enemy.
Insider Threats; A New Approach to Insider Threats; Recommended Security Controls and Mitigations; Debrief

14: Ghost on the Moon
According to Japanese legend, if you knew how to seek the ghost who tends trees on the moon, he could invite you to the moon to eat the leaves of his tree, making you invisible.
Implants; Protections from Implants; Recommended Security Controls and Mitigations; Debrief

15: The Art of the Fireflies
The art of fireflies should be performed only after you know everything about the enemy in great detail so that you can construct your deception in accordance with the target’s mindset.
Attribution; Approaches to Handling Attribution; Recommended Security Controls and Mitigations; Debrief

16: Live Capture
Use good judgment to determine whether the target is actually inattentive or whether they are employing a ruse to lure ninjas and capture them.
Live Analysis; Confronting Live Threats; Recommended Security Controls and Mitigations; Debrief

17: Fire Attack
First, it is easy to set fires; second, it is not easy for the enemy to put out the fire; and third, if your allies are coming to attack the castle at the same time, the enemy will lose any advantage as the fortifications will be understaffed.
Destructive Cyber Attacks; Safeguards from (Cyber) Fire Attacks; Recommended Security Controls and Mitigations; Debrief

18: Covert Communication
When a shinobi is going to communicate with the general after he has gotten into the enemy’s castle, the shinobi needs to let his allies know where he is. It is essential to arrange for the time and place to do this.
Command and Control Communication; Controlling Coms; Recommended Security Controls and Mitigations; Debrief

19: Call Signs
When you steal in, the first thing you should do is mark the route, showing allies the exit and how to escape.
Operator Tradecraft; Detecting the Presence of Call Signs; Recommended Security Controls and Mitigations; Debrief

20: Light, Noise, and Litter Discipline
The traditions of the ancient shinobi say you should lock the doors before you have a look at the enemy with fire.
Cyber Light, Noise, and Litter; Detection Discipline; Recommended Security Controls and Mitigations; Debrief

21: Circumstances of Infiltration
You should infiltrate at the exact moment that the enemy moves and not try when they do not move—this is a way of principled people.
Adversarial Opportunity; Adversarial Adversity; Recommended Security Controls and Mitigations; Debrief

22: Zero-Days
A secret will work if it is kept; you will lose if words are given away.
Zero-Day; Zero-Day Defense; Recommended Security Controls and Mitigations; Debrief

23: Hiring Shinobi
In order to defend against enemy plans or shinobi, or should an emergency arise, you may think it more desirable to have a large number of people. However, you should not hire more people into your army without careful consideration.
Cybersecurity Talent; Talent Management; Recommended Security Controls and Mitigations; Debrief

24: Guardhouse Behavior
Do not let your guard down, even if you are not confronting the enemy.
Security Operations Center Issues and Expectations; Influencing Behavior; Recommended Security Controls and Mitigations; Debrief

25: Zero-Trust Threat Management
If you enter a room from the rear and if there is someone in the room who is not asleep, then they will not suspect you as an intruder. It is because those who come from the rear are not considered possible thieves or assailants.
Threat Opportunity; Blocking the Suspicious; Recommended Security Controls and Mitigations; Debrief

26: Shinobi Tradecraft
Secret techniques to infiltrate without fail are deceptive, and they are varied and flexible and are done according to opportunity. Thus, as a basis, you should embrace the old ways of the shinobi who served under ancient great generals, but remember not
Techniques, Tactics, and Procedures; Pyramid of Pain; ATT&CK Framework; Threat Intelligence; Cyber Threat Intelligence; Recommended Security Controls and Mitigations; Debrief

Notes; Index