Tag Archives: cyber intelligence

Save the date! Timing the hack for the biggest impact.

Save the date: Timing the hack for the biggest impact

Published:

There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks has been very variable. It  is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs
Continue reading

Cybercrime in the Retail and Hospitality Industries

Published:

Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.

Continue reading
Digital sovereignty in the age of connectivity: RuNet 2020

Digital sovereignty in the age of connectivity: RuNet 2020

Published:

The Russian Federation is currently pursuing a radical transformation to internet connectivity within the country. RuNet 2020 is an ambitious project to establish a national government-controlled network which is intended to function in an insulated environment from the broader internet in the event of a crisis.

Continue reading

Spies in the Middle East: Israeli Cyber Operations

Published:

The State of Israel has developed exceptional cyber capabilities that surpass all other nations within the MENA region. In January 2017, Prime Minister Benjamin Netanyahu declared that Israel had become one of the top five global cyber powers. Israel conducts covert cyber operations that are strictly classified and rarely formally acknowledged. So, beyond the infamous Stuxnet virus, what do publicly available sources reveal about state-sponsored hackers within Israel?

Continue reading

Press release: Security Alliance launch cyber threat intelligence platform ThreatMatch at the official opening of the UK Cyber Demonstration Centre

Published:

ThreatMatch launch

 

 

 

 

 

 

 

ThreatMatch is a cyber threat intelligence platform that provides users with relevant, actionable and timely threat intelligence that can be tailored to their unique environments. Using a diverse and extensive range of sources, ThreatMatch provides continuous alerts on how an organisation’s attack surface correlates with the threat posed by the malicious actors targeting it.

John Beale, founder of Security Alliance comments: “We were delighted to be invited to launch ThreatMatch at the official opening of the UK Cyber Demonstration Centre.

Continue reading

Video: SANS Cyber Threat Intelligence Summit 2017

Published:

The SANS Cyber Threat Intelligence Summit 2017 was held in Arlington Virginia on January 31, 2017 and February 1, 2017.

Watch Rob Dartnall, Cyber Intelligence Director at Security Alliance present : The Use of conventional intelligence methodologies in Cyber Threat Intelligence

Continue reading
The corporation as a threat actor

The Corporation as a Threat Actor

Published:

Generally when conducting threat assessments, a tried and tested method is to assess the threat from four categories of threat actor:

  • Nation state / Nation state proxies / Intelligence services
  • Organised criminal gangs
  • Hacktivists and hackers
  • Malicious and unintentional insider
Continue reading

Securing the Securer: Cyber Threats to the Insurance Sector

Published:

“Amazing”, “extreme”, “one of the coolest things I’ve ever seen.” These were the words of a cyber forensics expert who was tasked with investigating the biggest breach of an insurance company in history. Respectively, these words describe the operational security, stealth tactics, and malware engineering of the group that stole the personal information of almost 79 million policyholders in the US in 2015. The forensic team claim that 1000 boxes were infected, and roughly 7000 MD5 hashes (distinct file identifying numbers) were assigned to the ever-changing malware used to conduct the breach. What the details of this breach show is that the insurance sector has become a particularly attractive target for well-resourced and highly skilled cybercriminals.

Continue reading

West African Threat Actors

Published:

Last year saw a plethora of sophisticated cyber attacks including the infiltration of Oracle’s MICROS point of sale customer portal, the string of multi-million dollar thefts that leveraged the SWIFT banking network, and the US election hacks

Meanwhile in West Africa, cyber criminals continue their ongoing operations.

Continue reading