Since launching ThreatConnect.com, Cyber Squared's Intelligence Support Team
has become more effective in managing, analyzing and sharing our Threat
Intelligence. While understanding the threat remains one of our core
requirements, we have also begun to fill a key gap that, we feel, many within
the industry are failing to address.
Providing effective Threat Intelligence requires more than just
characterizing the threat from a technical perspective. Instead, you must
strike a balance between providing technical context as well as non-technical
relevancy to the victim. Industry report authors will often admire the
cyber espionage problem all the while promoting their technical talents.
Unfortunately, these overly technical threat details are not easily
interpreted or acted upon by today's non-technical business leaders. So,
ultimately, this shortcoming often over... (more)
In October of 1962, during the buildup to the Cuban Missile Crisis, a debate
between Adlai Stevenson and Valerian Alexandrovich Zorin at the United
Nations Security Council, revealed how far the U.S. was willing to go to
produce evidence that the Soviet Union was indeed stockpiling tactical
nuclear weapons and ballistic missiles in North America. The Soviets,
reluctance to be truthful "in the court of world opinion", forced the hand of
the U.S. to produce the very intelligence that the Soviets' claimed the U.S.
did not have. Once the overhead photos of the missiles were shared pu... (more)
With the 2012 political season upon us, we have just gained a glimpse of the
individual candidates and their cyber policies. It is from those cyber
policies that we have also heard the candidates address China;
specifically Chinese nation state cyber sanctioned or sponsored espionage.
To the American voter, “cyber” issues may not be the hot topic that the
economy, immigration or the presence of troops in Iraq and Afghanistan are.
However, the candidates and their staffs would benefit by recognizing cyber
security is not just a second tier national issue for debate, but a very real... (more)
Two weeks ago the New York Times (NYT), Wall Street Journal (WSJ), Dow Jones
(DJ) and Washington Post (WP) all reported being targeted and exploited by
Chinese Advanced Persistent Threat (APT) groups. In most cases, the
compromises had reportedly been going on for quite some time and were severe
enough that the Media Industry was forced over a barrel, like so many others,
to stroke a check for a multi-month "cleanup on aisle nine" incident response
Since the media is a highly relational and "connected" industry, it lends
itself to being especially vulnerable to this typ... (more)
Within the ThreatConnect Intelligence Research Team (TCIRT), we feel that
sharing what we know, whether publicly or privately, helps to grow our
organization. We see information sharing as a key investment area, allowing
our team to more efficiently save time and money while helping us achieve
broader organizational goals.
We recognize that Threat Intelligence is not a one size fits all solution,
but rather a series of tailored processes. We also see significant benefits
to organizations that implement even the most modest Threat Intelligence
sharing processes. As a resource ... (more)