DIGITAL BREAD CRUMBS: SEVEN CLUES TO IDENTIFYING WHO'S BEHIND ADVANCED CYBER ATTACKS
In today’s cyber threat landscape, identifying your enemy is a crucial piece of any defense plan. Finding out who your attackers are, how they work, and what they want is critical to protecting your data and intellectual property.
Fortunately, breached computer systems, like any crime scene, contain a trail of clues. When it comes to advanced cyber attacks, attackers may give themselves away inside their malware code, phishing emails, command-and-control (CnC) servers used, and even behavior. Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of an advanced cyber attack can help identify even the most sophisticated threat actors—if researchers know what to look for.
This paper describes the facets of malware attacks and what they often reveal about the culprits, as well as how to identify and defense against threat actors.