PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

April 2017, Vol. 19, No. 3

Politics of cyber attribution pose risk for private industry

This article is part of the Information Security issue of April 2017, Vol. 19, No. 3

Toward the end of the Obama administration, the Department of Homeland Security published a comprehensive list of the tools, techniques and indicators of compromise, called Grizzly Steppe, to out the Russians and their attempts to influence the 2016 presidential election. The Joint Analysis Report, issued in conjunction with the FBI, immediately highlighted the political side of attribution. Network administrators could access the findings in the report to protect their assets from malicious cyber activity such as malware. However, technical indicators on endpoints and networks were reportedly of poor quality, according to some cybersecurity teams, and roughly 40% were not specific to Russia. In the shadowy world of cyberespionage, the game of who is to blame can be complicated and fraught with politics and turf battles. Cyber attribution occurs when indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) from the entire cyber kill chain are associated with an advanced persistent threat or APT group. While ...

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate Email Address.
You forgot to provide your first name.
You forgot to provide your last name.
You forgot to provide a job title.
You forgot to provide a company name.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

MSSPs add advanced threats as managed security services gain hold
by Jaikumar Vijayan
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'?
In her new role of CISO, Annalea Ilg is curious, driven and paranoid
by Alan R. Earls
The vice president and CISO of ViaWest, Ilg is tasked with keeping the IT managed service provider and its cloud services secure.
Politics of cyber attribution pose risk for private industry
by Adam Rice and Mark Maunu
Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies.

Columns in this issue

Outsourcing security services rises as MSSPs focus on industries
by Kathleen Richards
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing.
Chenxi Wang discusses DEF CON hacking conference, 'Equal Respect'
by Marcus J. Ranum
Grassroots efforts to shift cultural thinking in information security have had a positive effect, the former professor of computer engineering says.

View Information Security Archives

Access your Pro+ Content below.

Politics of cyber attribution pose risk for private industry

Features in this issue

MSSPs add advanced threats as managed security services gain hold

In her new role of CISO, Annalea Ilg is curious, driven and paranoid

Politics of cyber attribution pose risk for private industry

Columns in this issue

Outsourcing security services rises as MSSPs focus on industries

Chenxi Wang discusses DEF CON hacking conference, 'Equal Respect'