
Abstract

The most impressive attribution results are those that identify specific individuals, ideally with their real names and even photos. Objectively speaking, the concrete individuals behind the espionage attacks are usually less relevant than the organization they work for. Nevertheless, at least on an intuitive level, the accountability of the actors becomes much more tangible if real people like “UglyGorilla” are identified as the hackers behind an APT campaign and not just a faceless organization like the Third Department of the Chinese People’s Liberation Army. An important technique for identifying individuals is doxing, i.e., researching personal data in public sources. This chapter explains how analysts use doxing methods to uncover the identity of APT group members and which factors determine the validity of the results.




Corresponding author

Correspondence to Timo Steffens.


Copyright information

© 2020 Springer-Verlag GmbH Germany, part of Springer Nature

About this chapter


Cite this chapter

Steffens, T. (2020). Doxing. In: Attribution of Advanced Persistent Threats. Springer Vieweg, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-61313-9_9


  • DOI: https://doi.org/10.1007/978-3-662-61313-9_9

  • Published:

  • Publisher Name: Springer Vieweg, Berlin, Heidelberg

  • Print ISBN: 978-3-662-61312-2

  • Online ISBN: 978-3-662-61313-9

  • eBook Packages: Computer Science, Computer Science (R0)
