![]() Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |