Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
The complexities of public attribution
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The complexities of public attribution
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 12,828
Threads: 8,851
Thanks Received: 8,733 in 6,894 posts
Thanks Given: 9,634
Joined: 12 September 18
#1
15 April 19, 07:31
Quote:
[Image: complexity-of-public-attribution-featured.jpg]

Over the past couple of years, we have seen an emerging trend from nation-states, or a consortium of nations publicly attributing cyberattacks to a particular adversary. In the game of spies spying on spies, it has become a game of whodunnit that can have repercussions in the real world.

Now, you may have read about APT actors on this blog or seen reports from our colleagues in the cybersecurity space in the past, but that work came from security researchers — and security researchers tend to avoid doing specific public attribution and will instead talk about clues such as the language the attackers speak, target location, and indicators of compromise (IOCs). They may even give APTs names like Fancy Bear, Equation, Desert Falcons or APT27, which may (or may not) contain hints about the characteristics of the threats.

Their actions may annoy those responsible, but this is not, say, the United Kingdom pointing a direct finger at Israel or the United States holding a press conference with indictments against members of clandestine services in Russia. As I said, there are consequences to such attribution — but as they say, all is fair in love and war.

Earlier in the month, during the Security Analyst Summit, Florian Egloff of the center for Security Studies discussed this topic during the SAS Unplugged session of the conference.

Egloff wasted no time getting into the real-world consequences of these public outings or shaming from governments around the world, which have ranged recently from sanctions to the expulsion of diplomats. The past few years have seen cybersecurity emerge as a key focal point of foreign policy. This area ranges from building out stronger investment to attribution and prevention and potentially adding public attribution to incident response.

These responses include some actions that are meant to deal direct harm to an adversary. Some actions could include offensive measures or burning a toolkit of a nation-state attacker by sharing samples with Virus Total.

This threat-response evolution continues, and in the past year, we have seen nations publicly name an actor in conjunction with one another and with policies that have taken center stage. So, what does the future hold?
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
nternet Download Manager 6.42 Build 9
Changes in 6.42 Bu...harlan4096 — 06:45
Ubuntu 24.04 LTS / 23.10
Ubuntu 24.04 LTS /...harlan4096 — 06:44
Mozilla Thunderbird 125.0
Mozilla Thunderbir...harlan4096 — 06:43
AMD Radeon Software Adrenalin 24.4.1
Highlights New ...harlan4096 — 06:41
AV-TEST - Cybersecurity: Defense Against...
AV-TEST - Cybersec...harlan4096 — 06:40

[-]
Birthdays
Today's Birthdays
avatar (49)steakelask
avatar (43)Termoplenka
Upcoming Birthdays
avatar (49)Toligo

[-]
Online Staff
There are no staff members currently online.

>