Blog Posts Tagged with "Attribution"


Iran Fingers US Hackers in Oil Ministry Attacks

June 12, 2012 Added by:Headlines

"Two American IPs were identified in the (cyber) attack against the oil ministry... The nature of the attack and the identity of the attackers have been discovered, but we cannot publicize it since we are still working on the case..."

Comments  (0)


South Korea Moves to Improve Cybersecurity Posture

June 11, 2012 Added by:Headlines

"To the North, it is attractive to develop cyber capabilities as it does not cost much money to establish and maintain cyber units. Another reason is it is very difficult to trace down the origin of cyber attacks, which can be a good excuse when it is blamed for any cyber attack"...

Comments  (0)


Cybersecurity: Washington DC is a World of Grey

June 07, 2012 Added by:Joel Harding

The US State Department cannot sign many treaties in cyberspace, and we cannot establish a lot of cooperation, because there is a lack of a definition or there is no established threshold for most of what we deal with. Part of that problem is that as soon as the ink dries, most of the conditions will change...

Comments  (0)


Flame: Implications vs. Speculation

May 30, 2012 Added by:Robert M. Lee

Attribution is incredibly hard to apply in the cyber domain, and even the most appealing pieces of evidence can be purposely misleading. The perception of attribution applied to a nation-state cyber attack can put tension on nation-state relationships, have an effect on deterrence, and cause real-world issues...

Comments  (0)


Attribution: Inductive vs. Deductive Reasoning

May 18, 2012 Added by:Infosec Island Admin

In the present day where cyberwar is all the rage, and governments as well as private sector entities are seeking to cash in on the power grab that is mostly information warfare - as the Chinese call it - too many are forgetting a core problem to the picture: Attribution...

Comments  (7)


Cybercrime Does(n't?) Pay

May 14, 2012 Added by:Beau Woods

Although many studies fail at basic science, I'm hopeful that the information security industry will get better both at true academic research and at coming up with accurate metrics for the most important data. We'll get there as we mature as an industry, but it will take a while...

Comments  (0)


Panetta Treads Lightly Around Chinese Cyber Attacks

May 10, 2012 Added by:Headlines

"I can hardly agree with the proposition that the cyber attacks directed to the United States are directly coming from China. And during the meeting, Secretary Panetta also agreed on my point that we cannot attribute all the cyber attacks in the United States to China..."

Comments  (0)


Security: Is it Who or What That is Important?

May 04, 2012 Added by:PCI Guru

There is a very active discussion going on in security circles about understanding adversaries and how that impacts security strategy. I have taken a contrarian position in this argument and have stated that, in the scheme of things, I do not believe that you need to waste time understanding your enemy...

Comments  (6)


Cyber Weapons - Bits Instead of Bullets Damage Nonetheless

May 03, 2012 Added by:Rafal Los

In this post I discuss some of the ramifications of digital weapons and put into context just what this means for your enterprise security strategy as your organization continues towards cloud/utility computing, mobility, and a larger presence on the Internet...

Comments  (0)


Let’s Put Real War In To Cyberwar

April 19, 2012 Added by:Joel Harding

Why isn’t infosec effective? Because we already admitted defeat. Hackers have nothing to fear. Their computer might be confiscated, they might spend a few cozy months in some minimum security prison, and then they will get recruited by an offensively oriented corporation...

Comments  (0)


China: Our Incompetent Master Adversary?

April 16, 2012 Added by:Jeffrey Carr

Either China is the greatest and dumbest adversary we've ever had, or the real dummies are those in infosec who can't be bothered to question the obvious when doing incident response, or who choose to cater to the rising tide of Sinophobia in the U.S. in order to boost their sale...

Comments  (0)


We Need Better Defensive Tools

April 02, 2012 Added by:Gabriel Bassett

Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...

Comments  (0)


APT Detection with IOCs: The New Maginot Line

March 18, 2012 Added by:Pascal Longpre

IOCs can also be easily circumvented by the attackers by using dormant backdoors created by different actors and using completely different techniques. Creating a simple backdoor that spawns a reverse shell to the attacker’s system requires limited skills, time and money...

Comments  (0)


Yet Another Chinese-Based Targeted Malware Attack

March 14, 2012 Added by:Headlines

"The payload is also an advanced persistent threat - extremely difficult to detect once inside the network. Although it’s more than a week old, the backdoor still has poor detection, with only 7 of 42 antivirus solutions able to detect it..."

Comments  (0)


Northrop Report Examines Chinese Information Warfare Strategies

March 08, 2012 Added by:Headlines

"PLA leaders have embraced the idea that successful warfighting is predicated on the ability to exert control over an adversary’s information and information systems, often preemptively. This goal has effectively created a new strategic and tactical high ground..."

Comments  (0)


What They Don't Teach You in "Thinking Like the Enemy" Classes

March 06, 2012 Added by:Pete Herzog

The enemy is not homogenous. Just like there is not just one foreign language, there is not one type of enemy. Among those enemy attackers, not all think alike. Even those joined together under a common mission or goal, there is often division in how to accomplish that goal...

Comments  (2)

Page « < 1 - 2 - 3 - 4 > »