This example considers an organisation involved in defence. It undertakes many related activities to project force. It faces highly organised, highly capable adversaries who are patient, tactical and willing to use ‘low and slow’ tactics. Their skills are well beyond those of opportunistic attackers, who will move on to an easier target.
The organisation has a large, complex CIS infrastructure. Hosts and network infrastructure frequently come under attack or fail. The organisation suspects that there is a ‘low and slow’ pattern to the attacks, aimed at degrading and undermining the defence capabilities. Unfortunately, without analytics evaluating the attacks and their effects, detecting a pattern in real time is not possible.
Determining what is going on
Predictive Actionable Intelligence is required to understand:
- Is there a themed attack and how strong is it?
- Is an adversary attempting to stop a specific capability? In the defence world this could be surveillance or targeting. For a commercial organisation an adversary may be trying to disable logistics, sales or the payment gateway.
Precision Genie identifies low and slow attacks. It picks these attacks out from the noise. It predicts the theme of the attacks, allowing your IT team to fix the issues and prevent a business meltdown.
The value of Predictive Intelligence
Understanding the motive of your adversary is crucial when faced with highly skilled and motivated adversaries. As Sun-tzu notes in ‘The Art of War’ from 2500 years ago [SunTzua]:
‘So it is said that if you know your enemies and know yourself, you will not be put at risk even if you have a hundred battles.’
‘If you know neither yourself nor your enemy, you will always endanger yourself.’
Understanding the immediate threat is crucial. Is this a result of an impending campaign (military or commercial!) that an adversary would like to disrupt? Do you need to reschedule, re-implement, change tack or go on the offensive?
That’s a decision to be made by the stakeholders – there’s only so much predictive intelligence can offer!
Ponemon2015c: Ponemon Institute, 2015 Cost of Cyber Crime Study: United Kingdom, 2015
Ponemon2015a: Ponemon Institute, 2015 Cost of Data Breach Study: Global Analysis, 2015
Ponemon2015b: Ponemon Institute, 2015 Cost of Data Breach Study 2015, 2015
NTT2015a: NTT Group, 2015 Global Threat Intelligence Report, 2015
Verizon2015a: Verizon, 2015 Data Breach Investigations Report, 2015
Ponemon2015d: Ponemon Institute, 2015 Cost of Cyber Crime Study: Global, 2015
SunTzua: Sun-tzu, The Art of War, https://en.wikipedia.org/wiki/The_Art_of_War