Tired of trying to find videos or articles on the subject, none of them give any actual insight apart from "DA STUXNET VIRUS" and AI misinfo slop. I've been interested in discovering what tools are utilized, more info on APTs, and other cool cybersecurity facts and tactics. How does the military or intelligence agencies carry out cyber operations? Do they just have like one big office building or something? All need answers.
>>64312260
download Kali, that will give you the basic skid tools. only test against your own devices or your own VM, do NOT test against your own router or modem or your ISP will throw a bitchfit. look up DEFCON talks to hear people talk about it in the industry, but the only way you're really going to learn is fucking around with the stuff/in a classroom. there's a surprising amount of community college courses on this shit now, and plenty of online cert courses too.

>>64312260
...like, what are you even after here OP? It's just another tech job. It can be highly distributed, even to the extent of basically nobody knowing anyone else's real identity as with criminal outfits, or highly centralized, or hybrid. It's a bunch of programmers and probers and support workers etc who work to develop exploits in software and hardware used by targets and then try to find ways to deploy it towards some ultimate goal. That could be ransomware, or triggering specific effects immediately, or it could be engineering a stealthy persistent backdoor via a rootkit or the like that can then be saved so that if ever needed it can be activated to cause damage. There's tons of boring grunt work in all this too to make it deniable and stay up on the constant cat-and-mouse, but ultimately it's folks sitting behind screens following plans of other folks behind screens. Not sure what you're expecting?

>>64312267
I noticed that too lol, I got a lot of cybersec videos from community college channels. Thanks for the advice, will look into them.

>>64312282
I have more interest in finding out the nitty gritty of how actual cyber warfare is done, especially because I am making a SCIFI narrative which involves cyber warfare operations. I find grand and massive battles quite boring, and find a deeper interest in the complexities of shit like this.

>>64312288
you won't learn about how shit works at all unless you enlist or learn it elsewhere. it might as well be magic otherwise. if you're just planning on doing it for writing, go vague and watch how shit is done via DEFCON talks.

>>64312305
Shit you're right, I should get into cyber security, I barely just got out of high school. My recruiter said I qualified for cyber sec jobs and intel anyways.

>>64312260
Generally most cyber-operations aren't "loud". What I mean is that shutting off the power or payment systems is good for operations in the short term but doesn't pay dividends long term since the enemy knows you're in the network and will take steps to kick you out. Typically by simply wiping and restoring from backups to straight up replacing hardware.
Most operations are "quite", as in the red team will try to not raise alarms to keep their operations undiscovered for as long as possible. Most of the time they will be gathering information.
Read up on how the cyberwar during the Ukraine war went down. It's a pretty good example of what cyberwarfare actually looks like. Pic related is what happened when the Russians figured out the Ukrainians were using cellphones and laptops to track troop movements and listening in on conversations.
For books, "Ghost Fleet" has a pretty good depiction of cyber-warfare operations.
"Cybersecurity and Cyberwar: What Everyone Needs to Know" is a really good starting point if you know nothing.
Now if you want to learn how to actually attack and defend networks then there are a lot of CTFs you can cut your teeth on. I'd recommend OverTheWire if you're a total noob to get started. HackTheBox is also really good. /g/ generally has a /cyb/ + /sec/ general up and the /g/ wiki also has good information if you're starting out.
https://igwiki.lyci.de/wiki/Cybersecurity_-_basics_and_armory
https://igwiki.lyci.de/wiki/Security
>>64312339
>My recruiter said I qualified for cyber sec jobs and intel anyways.
Based. If you go Cyb-Sec then you'll have a real leg up when you get out if you want to stick with it. The military will train you and help you get your certs. Plus you're more than likely to get a security clearance while you're in. That shit will look really good on your resume and you can pretty much walk into a Cybsec job either for the DoD itself or for the various other contracting companies.
t. Cyb-Sec Contractor

>>64312260
>Tired of trying to find videos or articles on the subject, none of them give any actual insight apart from "DA STUXNET VIRUS"
stuxnet is the most novel attack that's publicly available since its implementation involves things you can buy at microcenter
>How does the military or intelligence agencies carry out cyber operations
>other cool cybersecurity facts and tactics
>I've been interested in discovering what tools are utilized
uhh... well its implementation is complicated and you are ultimately limited by your imagination.
just understand that if there's something of significance on a computer that is capable of storing, reading, or modifying a text file (the one common ancestor between all operating systems from 1995-2025)... it's fair game for us.
hypothetically, so long as the computer and we know where it is... it is possible to retrieve said file. however, if the computer is connected to the internet that makes it significantly easier (no, not because we'll pop a reverse shell into the target machine itself. no seriously give some serious thought to the tradecraft aspect of information and you'll understand what i mean).
>making a SCIFI narrative which involves cyber warfare operations
if you want to make an interesting story that isn't tropes we've all seen from movies
go and acquire a good understanding of programming and its relationship to the hardware stack, the OS stack, how to program sockets, how to make your own file system, network stack + some basic physics + electronic engineering...
after which go read some warcollege papers (US navy is the best regarding this subject imo) regarding EW, SIGINT, ELINT, and if you know where to look MASINT.
you'll be sure to cook up some spooky shit that's interesting to read.
but please, try not to reveal anything that's actually secret in your books since our adversaries may not be as smart as you are.
and if you do reveal something, be vague and do not be technical.

>>64312379
Lol don't worry, I'm retarded but not that retarded to share state security secrets through fictional media. I'd have to simplify stuff anyways to make it digestible for the reader anyways, probably.

>>64312358
Very cool stuff, thanks for the links. I heard of HTB actually through this youtube channel who does cybersec content, I know certs are a big deal especially if you wanna get a good position in these fields. (idk if Mad Hat is a good source of info regarding Cyber-sec stuff though)

>>64312358
>Generally most cyber-operations aren't "loud".
If it's open war then
>cyberwar during the Ukraine war went down. It's a pretty good example of what cyberwarfare actually looks like.
Yes.
>Pic related is what happened when the Russians figured out the Ukrainians were using cellphones and laptops to track troop movements and listening in on conversations.
Ehh... cyber operations could've been the first to detect a source of new actionable intel, but "tracking troops and listening on conversations" is definitely more practical via sigint.
Contrary to popular belief, the US has finite resources to cover a finite area for a finite amount of time. This is made x100 worse if it is not involved kinetically within a given battlespace.
Also, on the subject of Ukraine... I'm 99% certain the cell towers in ukraine were saved by the sheer overwhelming use of spooky US + sidekick's electronic warfare and electronic counter measures via {REDACTED} and {REDACTED} in the first few days and regularly for the next few months until it was certain Russia's missile barrage was over.
Having active cell towers allowed front-line ukrainian grunts to coordinate an ad-hoc defense (doesn't matter if Russians could listen in at this point), survive long enough until better US equipment + advisors + support comes in allowing ukraine to formalize their defense doctrine.
It's comical how the cell towers became used by Russia's armed forces themselves when it was meant to be the bottom barrel means for Ukraine to continue to mount a defense against their invasion.
The use of said cell towers have led to kinetic strikes on officers, garrisons, supply depots, even entire movements.

>>64312358
>Most operations are "quite"
ESL

My company was hacked a few years ago, and I know what happened because I was party to the calls we had with infosec contractors afterwards
>hackers somehow gain access to a user PC on the other side of the country that hadn't been turned off or updated in years
>privileged credentials were present in the working memory of the PC from an admin's remote-access session from a long time ago
>the compromised user PC was used to access the network and the extracted credentials (password sharing bad) were used to log in to a local admin account on an old backup domain controller
>the local account allowed the intruders to create regular privileged network accounts
>they used those new accounts to remote in to as many servers as they could and run automated encryption attacks
>they used mega.io to bulk extract files from the network
>they left ransom letters on each compromised machine with directions to leave money in a bitcoin wallet or something in exchange for the encryption key
in layman's terms, they walked around the outside of the building until they found an unlocked window, then searched around inside that room until they found a set of janitor's keys. Most hacking seems to consist of rattling windows and testing doorknobs to see where they've been left unlocked.

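
The chain in the post above (privileged accounts created from one foothold, then remote logons to as many servers as possible) leaves a recognisable trail in Windows Security logs. As an added example that is not part of the original post, this Python sketch correlates account creation (event 4720), privileged group adds (4728/4732/4756) and remote logons (4624) over constructed events; the simplified field names, host names, group list and thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Windows Security event IDs
ACCOUNT_CREATED = 4720
GROUP_ADDS = {4728, 4732, 4756}      # member added to global/local/universal group
LOGON_SUCCESS = 4624
REMOTE_LOGON_TYPES = {3, 10}         # 3 = network, 10 = RemoteInteractive (RDP)

# Assumed tuning values, adjust per environment.
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins", "Administrators"}
WINDOW = timedelta(hours=24)         # how long a new account counts as "fresh"
FANOUT_HOSTS = 3                     # distinct hosts that count as spraying

def ev(time, event_id, host, **fields):
    """Build one simplified event record (not the real event XML schema)."""
    return {"time": time, "id": event_id, "host": host, **fields}

# Constructed sample events, not real logs.
EVENTS = [
    ev("2024-03-02T01:15:00", 4720, "BDC-OLD", actor="localadmin", new_account="svc_backup2"),
    ev("2024-03-02T01:16:00", 4728, "BDC-OLD", actor="localadmin", member="svc_backup2", group="Domain Admins"),
    ev("2024-03-02T01:30:00", 4624, "FS01", user="svc_backup2", logon_type=10),
    ev("2024-03-02T01:34:00", 4624, "FS02", user="svc_backup2", logon_type=10),
    ev("2024-03-02T01:41:00", 4624, "SQL01", user="svc_backup2", logon_type=3),
    ev("2024-03-02T01:47:00", 4624, "APP03", user="svc_backup2", logon_type=10),
    # Benign: help desk creates an ordinary user who logs on to one host.
    ev("2024-03-02T09:00:00", 4720, "DC01", actor="helpdesk1", new_account="jsmith"),
    ev("2024-03-02T09:01:00", 4728, "DC01", actor="helpdesk1", member="jsmith", group="Sales"),
    ev("2024-03-02T09:20:00", 4624, "WS-114", user="jsmith", logon_type=3),
]

def detect(events, window=WINDOW, fanout=FANOUT_HOSTS):
    """Flag accounts that are created and, while still fresh, gain a
    privileged group membership and/or log on remotely to many hosts."""
    created = {}                     # account -> (creation time, actor, host)
    privileged = {}                  # account -> privileged group it joined
    reached = defaultdict(set)       # account -> hosts reached by remote logon
    for e in sorted(events, key=lambda e: e["time"]):
        t = datetime.fromisoformat(e["time"])
        if e["id"] == ACCOUNT_CREATED:
            created[e["new_account"]] = (t, e["actor"], e["host"])
        elif e["id"] in GROUP_ADDS and e.get("group") in PRIVILEGED_GROUPS:
            born = created.get(e["member"])
            if born and t - born[0] <= window:
                privileged[e["member"]] = e["group"]
        elif e["id"] == LOGON_SUCCESS and e.get("logon_type") in REMOTE_LOGON_TYPES:
            born = created.get(e["user"])
            if born and t - born[0] <= window:
                reached[e["user"]].add(e["host"])

    findings = []
    for account, (t, actor, host) in created.items():
        stages = ["created"]
        if account in privileged:
            stages.append("privileged")
        if len(reached[account]) >= fanout:
            stages.append("fanout")
        if len(stages) > 1:          # creation alone is routine, so not reported
            findings.append({
                "account": account,
                "created_by": actor,
                "created_on": host,
                "group": privileged.get(account),
                "hosts": sorted(reached[account]),
                "stages": stages,
            })
    return findings

if __name__ == "__main__":
    for finding in detect(EVENTS):
        print(finding)
```
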
>>64312358
>For books, "Ghost Fleet" has a pretty good depiction of cyber-warfare operations
There are no books that depict cyber-warfare beyond treating it as arcane black magic.
Which might be a limitation of managing scope/domain i.e. the author will have to talk about way more than just shit related to things you can find in defcon talks regarding cyber-warfare.
To put it another way, all cyber-warfare I've read is pure cringe and always within the scope of residential IPs against a public IP. This isn't a bad thing, but it doesn't even get very technical and uses non-stop buzzwords like "virus" or "backdoor". It'd be more interesting if there was one that discussed the implantation of exploits based on outdated/patched vulnerabilities or other tactics.
For an author, real cyber-warfare would involve talking about an entire stack of spooky technology that is the bridge that enables cyber-warfare in the first place.
By that I mean... imagine a spooky FBI van with a transmitter/receiver for wifi, publicly available communications, even the noise from your monitor (no it does not matter if it's CRT or LED or QLED etc... in EM it glows, HARD) now imagine this thing but x100-1000 the spookiness at an altitude where you cannot hear nor see it.
>>64312415
Tbh most state secrets are publicly available on university websites in some form or another and require extensive technical knowledge to understand (luckily for all of us implementation requires money + even more technical knowledge not found in the paper). However, that does not mean these secrets are announced beyond a small group of electrical engineers and the use of said {REDACTED} within a battle doctrine is found only within the minds of the war-planners themselves.

>>64312433
Mad Hat is a good channel. His content is more dedicated on how to actually land a Cyb-Sec job than how to actually do the job. Mental Outlaw is another good channel, he mainly sticks to news. He's also a known /g/entooman.
Networkchuck is a good channel if you're starting out as a complete noob. He has good guides and tutorials.
crow (@crr0ww) has a really good guide on Windows Malware Development.
John Hammond is another good channel and so is Lauriewired though she does more development content.
There are a lot of really good niche security channels that cover a wide range of topics. I remember finding a fascinating channel that was dedicated to creating custom exploits and payloads for the first few pokemon games on GB and GBC in autistic detail.
>>64312476
Fuck, time to kill myself then.
>>64312470
>"tracking troops and listening on conversations" is definitely more practical via sigint.
Fair point. It was more of a point on how wide the field is and what can be actively targeted and exploited by such operations. There is a reason cellphones aren't allowed in secure locations.
>Also, on the subject of Ukraine... I'm 99% certain the cell towers in ukraine were saved by the sheer overwhelming use of spooky US + sidekick's electronic warfare
Maybe, it could also be that the Russians had expected that their red teams would've taken those offline at the time, weren't worried about them because of their expected timetable (3 day operation lol), or they're just that stupid. I do fully believe that the Ukrainian blue team was just completely fucking cracked when it came to network defense and recovery. They were completely on the ball and were definitely unsung heroes during the first hours and days of the war. Honestly, I'd love to get my hands on a book on how they conducted their operations. IMO they showed the world how it's done.

>>64312260
Cyber warfare is really simple, anon.
>jack in
>jack off
>jack out

>>64312482
>the compromised user PC was used to access the network and the extracted credentials
Not to make you more paranoid, but even in enterprise windows most still allow access to cmd/powershell, a web browser console, and a connection to public internet (gmail is all you need).
Vague example I'm thinking of...
embed whatever spooky exploit into images -> convert specific parts to base64 -> copy paste into anything allowing you to save the contents of your clipboard -> save file (most intrusion detection suites scan the file as it is downloaded to disk the first time, it does not rescan every time you modify the file) -> do whatever hex editing -> {use your imagination} to execute
or open incognito mode -> login to chrome account -> download a browser addon via chrome sync -> modify browser CSP, application level permissions, etc... -> addon does the spooky shit you wrote
i just pulled these 2 out of my ass right now

>>64312656
>>Vague example I'm thinking of...
More specific example I'm thinking of...
>know the exact keyboard at a target machine
>allowed a few weeks of prep-time and testing
>implementation of persistent spooky malware would be 30 seconds at the target computer
>use spooky electrical engineering technique to maintain peripherals' connections to motherboard while unplugging the originals to spooky EE devices to clone relevant IDs to spooky keyboard + mouse
>swap cable connector with new spooky keyboard + mouse
>remove connection spoofer
>all device management (shit you plug in via USB) security is bypassed
>even assuming the keyboard and mouse are on PS/2 ports there is quite a bit of information to be gathered
>if this is any sort of USB keyboard/mouse with macros or persistent memory for copy paste... then it becomes possible to begin watermarking data for {REDACTED}
>data is broadcast regularly after computer is shutdown or after N idle time (everyone has gone home)
>attempts to disassemble either spooky mouse or keyboard beyond conventional means (physically attempting to remove the factory board to see what's underneath) results in a secondary circuit containing a pressure sensor, battery, and variable resistor frying the spooky keyboard/mouse hardware entirely.

>>64312561
>Fair point. It was more of a point on how wide the field is and what can be actively targeted and exploited by such operations. There is a reason cellphones aren't allowed in secure locations.
cellphones in "Secure locations" that aren't within an active battlespace are completely fine.
fyi, cellphones were allowed in defense contractors for a significant amount of time until certain incident/s made all electronics off limits (the fear of someone taking pictures of something secret or downloading something secret to a cellphone is a risk that's easily mitigated)
>Maybe, It could also be that the Russians had expected that their red teams would've taken those offline at the time
GLONASS spoofing
>weren't worried about them because of their expected timetable (3 day operation lol), or they're just that stupid.
after seeing 2 years of Joe Biden's foreign policy and the US pull out of Afghanistan, it was honestly a calculated risk on Russia's part.
unknown to Russia and the US + NATO was the true military readiness of the Russian Federation's Armed Forces as it was in 2025, not as it was imagined during the cold war.
>They were completely on the ball and were definitely unsung heroes during the first hours and days of the war.
unsung heroes are the ones controlling the sources of electronic warfare via satellites, drones, but especially planes
>Honestly, I'd love to get my hands on a book on how they conducted their operations.
Instruments of Darkness: The History of Electronic Warfare, 1939-1945
after you start seeing cyberwarfare as an extension of the electronic warfare domain, this book is as close as you're gonna get without a clearance to real world operations in technical and doctrinal detail.

>>64312260
we have seen a little that points to how this would look recently. In ukraine it's mostly taken the form of information gathering with both sides hacking iot cameras to watch movements where possible (mostly in the early days while systems were still functional), hacking and monitoring cell providers, and using cyber as a method of performing influence operations. The more interesting development has been from israel, where we have seen large scale supply chain attacks via pagers and the recent attack in iran, while both of these were not cyber directly they were supported by cyber. Where cyber takes the stage here is with predatory sparrow, a group most experts seem to agree is Israel using hacktivism as a cover for action to provide plausible deniability. From them we have seen the firmware re-flashed on gas pumps rendering them inoperable, causing a steel mill to burn down, stealing large amounts of money from crypto exchanges, and "embarrassment operations" hacking into prisons and military sites and publishing internal video feeds and documents.
This development is basically a form of signaling that they can do much worse, but are choosing to limit the scale, gas pumps were recoverable and not fully bricked, steel mill was given warnings first, and so on. This development had been talked about by academics for years before now but this is the first time we have seen obvious nation state signaling in the cyber realm from a major power.
As conflicts go we will see an increase in destructive or more visible attacks, stuxnet is the one that people still talk about, but in most situations that level of stealth is not required. US infrastructure as well as most of the world's is incredibly vulnerable to cyberattacks that are capable of causing physical damage and loss of life, but so far there has been limited need to target systems. But this avenue of attack is getting more and more likely to be used.

>>64312547
there are a couple non fiction, This is how they tell me the world ends is a great one, sandworm is another. for fiction ghost fleet definitely does the best at at least keeping it somewhat grounded but it does take some liberties.

>>64312260
The Chinese script kiddies release cheap electronics with backdoors built into them that give attackers the capacity to easily gain remote access to these systems and sniff data from routers
The average American/European old ass executive doesn't know shit about infosec and buys the cheapest Chinese shit and hires the most Indian tech support guy he can to do infosec and this guy doesn't know shit about fuck when it comes to industry best practices or setting up layered security
And it's cheaper to just be like "oops we're sorry we lost all your data" than to hire a team of competent infosec professionals. Especially when the CEO hires his brother to do the job for $80k a year and they have some half retarded "consultant" come in and set everything up. And they wonder why companies are losing data and their hardware is compromised and why nobody knows what a data backup is because Rajesh in IT has never done one

>>64312731
All these books are a type of social commentary and written as fiction more than a fictional story about cyber-warfare.
I suggest you try "Cuckoo's egg", the book takes place in the Cold War but the creativity of the protagonist and antagonist is something I've never seen since in any fiction with emphasis on computer security with constraints.
Example of this is the protagonist begins printing network traffic to paper to preserve out of disk space.

>>64312260
The biggest tool in cyberwarfare is in meatspace: social engineering. The second biggest tool is phishing. Once you get physical access to a network or system via a usb drive/password, it doesn't matter what program you use. There is no green haired girl wearing 80s punk rock regalia hacking in front of a CRT monitor with scrolling green text. Like actual real world spies, cyberwarfare is really boring.

>>64312859
cuckoos egg is nonfiction.

>>64312358
Anyone got a full-sized file of that poster?

>>64312299
>I have more interest in finding out the nitty gritty of how actual cyber warfare is done, especially because I am making a SCIFI narrative which involves cyber warfare operations. I find grand and massive battles quite boring, and find a deeper interest in the complexities of shit like this.
The reason you basically never ever see any realism in cyber warfare in media is the same reason you basically never ever see any realism in space warfare in media: reality is fucking boring except maybe to certain turboautists. If you want to learn about the "nitty gritty" /k/ is not the place, just go learn about reverse engineering and finding exploits, then ask a tech forum about what jobs are like at a VPN company like Mullvad or whatever, and extrapolate from there. It's lots and lots of looking at code and trying stuff out at most, or setting up and maintaining gray/black services so you can have a nice pool of residential IPs to use as springboards, or using code others have made and said springboards to get access to something and then painstakingly sitting at a shell for awhile doing shit or going through huge amounts of stolen data which is 99.9% worthless to try to find the useful stuff. Like, it's not going to be VISUALLY particularly distinguishable from any white collar tech job in the world.

>>64315045
Also it's well known there are plenty of long term boring front operations that probably won't come to anything but everyone runs all the time because rarely they do. Supply chain attacks or really prep for them, trying to disguise stuff as desirable consumer products/services in the hope that your real target might bite, endless social engineering stuff which mostly doesn't work but sometimes does, trying to backtrack through social network graphs to find someone who is vulnerable if the main target isn't vulnerable that the main target might be reached through, blah blah blah.
And on the defense side honestly a lot of the counter measures are just stupidly fucking obvious shit like
>don't put your SCADA system on the public internet YOU FUCKING RETARDS
except rando foremen in nowheresville running a water facility or something honestly don't know. You can pick low hanging fruit and dispense with enormous attack surface.
>t. runs small business in rural area and finally seeing people start to pay attention more this year

Cybersecurity is pretty interesting but can you actually make a decent career out of it if you're not ex-military? I constantly see ads like "make $100,000 a year after doing our online cybersecurity course, enroll now!" so it seems like a bit of a meme.
>>64312260
you cyberwar the halloween fare.

>>64318822
Kinda. Depending on where you live, the market is probably saturated right now (IT is rarely a profit center, so the beancounters and C-suites keep looking at it every time they need to make a cut - doubly so when there's economic downturns or uncertainty), and it's got the classic IT problem of
"Entry-level position for tech created last year! Great for new grads/those seeking career change! See below for requirements:"
>Scroll down
>"4 years exp in that specific tech"
>"12 years exp in IT overall, 5 in a leadership role"
>"PhD (Masters accepted with extra 2 years exp)"
>"$10,000+ in marginally relevant certs"
Not saying you shouldn't make a go of it if you really like the idea, but go into it eyes-open and expect to be doing helpdesk/sysadmin work after graduation.

>>64318822
>Cybersecurity is pretty interesting but can you actually make a decent career out of it if you're not ex-military
Like other anon says it depends on where you are and the approach you want to take. I live in a rural area and it is now a sizable part of my work as an independent "IT guy" contractor. My clients care and since they are all small businesses and trust me to do right by them (and I do work very hard to do right by them) it's money. You can also work to get in with local governments as I have, which is also a decent income stream and they do need serious help even with the basics. I don't know long term if that'll be a "career" however, and if you're looking for employment at a major place in a city that's a whole different ballgame.

>>64312482
>Most hacking seems to consist of rattling windows and testing doorknobs to see where they've been left unlocked.
Pretty much, though you did leave out the social engineering angle. 90% of all attacks can be prevented if folks follow basic Cyb-Sec rules. US govt has a set for business to follow known as NIST Cybersecurity Framework. There is also CMMC from the DoD for contracting companies which also follows NIST guidelines but uses a tiered compliance system depending on system integration and what kind of data is being handled. Following just level 1 of CMMC can prevent a majority of attacks.

>>64325889
Same as with real world crime prevention, it's always worth remembering that 99% of the time they aren't after /you/, they're after /somebody/. Unless you're in a special sensitive position or business of some kind that has international import, mostly cyber attacks are a numbers game. There is so much low hanging fruit that nobody is going to bother wasting extra time and effort on randos if the basic tricks don't work.
It's like having a proper secure door/frame/windows in your house and using cheap normal efforts to make it take, say, 5 minutes to break in instead of 15 seconds. Obviously, if somebody actually wanted specifically to break into your house for a specific individual reason that wouldn't stop them. But that effectively never happens, instead burglars are just after money, as quickly and easily as possible. If a house is extra effort they'll just go to the next one with the unlocked back door made of glue, sawdust and cheap veneer and some shitty door handle lock.
Basic security practices are like basic home security. You don't have to be fort knox just inconvenient enough to not be trivial either.