STATEGIC PERSPECTIVE ON THE TRADECRAFT OF THREAT-ACTORS
Hackers have used ransomware and phishing to their advantage. These simple, yet serious threats are beyond the reach of even the most sophisticated cybersecurity systems.
CyberKnight will power this GISEC virtual interactive forum. We will reveal the trade secrets of cyber-attackers. Technology advocates and critics will discuss the effectiveness of cyber threat intelligence to expose the threat actors as well as their tactics, techniques, and procedures (TTPs).
This forum is one of few that will highlight the critical nature CTI to Cybersecurity Leaders. Don’t miss it!
October 27, 2020
10:00 AM Berlin
2:00 PM in Dubai
9:00 PM in Sydney
Register here -click
Avinash Advani, CyberKnight
Olesya Pavlova , CrowdStrike
Herro Zoutendijk, RiskIQ
Dr. Erdal Ozkaya Standard Chartered Bank
For more information on evets:
Table of Contents
Understanding Threat Actors
Sun Tzu wrote in his classic book, The Art of War: “If you know your enemy and yourself, you don’t need to fear the outcome of a hundred wars.” If you don’t know your enemy but you do know your own self, you will lose every victory. You will lose every battle if you don’t know your enemy or yourself.
In my previous article, “Are You Aware of Your Cyber Situation?” I discussed how important it was for you to understand your company’s digital environment. This includes understanding what data you produce, where it is used, how it is used, where it is stored, and what devices are connected to your network. Knowing your internal processes, the location and vulnerabilities of your digital resources is half of the battle.
The other half of the equation is to get to know your enemy. It is much easier and more efficient to prepare to defend your organization against a known antagonist than to defend yourself against the unknown.
It is important to understand who you are trying to harm, what they want and how they plan on getting it. There are many threats out there, but most of them fall into these categories.
Government Sponsored: These groups have well-funded resources and often carry out sophisticated, targeted attacks. They are often motivated by political, military, technical, and economic agendas. They often seek out competitive information, resources, or users that could be exploited to espionage.
Organized Crime: These cybercriminals are most often involved in targeted attacks motivated by profit. They will often seek out personally identifiable information (PII), such as credit card numbers, bank information, and health records.
Hacktivists: These hackers have a political agenda. Their goal is to create high-profile attacks to spread propaganda or cause damage to organizations they oppose. Their ultimate goal is to find a way that will benefit their cause or raise awareness about their issue.
Insider Threat: Attackers inside your organization are usually disgruntled employees, or ex-employees looking for revenge or financial gain. They may also collaborate with other threat actors such as organized crime and government-sponsored hackers out of a sense if loyalty or in exchange of money or prestige.
Opportunistic: These attackers are often amateur criminals (also known as script kids) who are motivated by fame and fortune. They may be legitimate security researchers who help organizations find and close security holes. Or professional hackers (sometimes called gray hat hackers), who seek to make a profit by exposing and exploiting flaws in network systems.