One of the most polarizing and imaginative issues in the practice of analyzing hostile activity is attribution, i.e. an attempt to define specific entities, organizations or persons responsible for the operation. The interest in "who did it" should come as no surprise - the process of analyzing cyber activity often takes the exact opposite of investigating "ordinary" crimes. […]
Tag: diamond model
Collecting diamond chains - threat intelligence analysis tools
After traveling around the globe, we move on to the vast world of operations in cyberspace - specifically how they are analyzed and how it helps in defense. One of the inspirations for the name of this blog - counterintelligence.pl - was that the activity known as Cyber Threat Intelligence (CTI) is, in my opinion, the activity of [...]