Archive | Attribution

Attribution is Hard, Part 1 | Tenable Network Security

To accurately establish attribution, you need evidence and understanding: Evidence linking the presumed attacker to the attack An understanding of the attacker’s actions, supporting that evidence Evidence collected from other systems that matches the understanding of the attacker’s actions An understanding of the sequence of events during the attack, matching the evidence via Attribution is […]

Malware Attribution is a Waste of Time

According to Ellyne Phneah‘s piece at ZDNet, Rob Rachwald, senior director of research at FireEye observed that the security industry today is keen on attributing malware to a specific region or group in an effort to assign blame. [H]e pointed out attribution to malware was not key in combating cybercrime because it did little to […]

Schneier on Security: More on Chinese Cyberattacks

Schneier on Security: More on Chinese Cyberattacks. Schneier disagrees with active defense. From the post: Because espionage unfolds over months or years in realtime, we can triangulate the origin of an exfiltration attack with some certainty. During the fog of a real cyber war attack, which is more likely to happen in milliseconds, the kind […]

Powered by WordPress. Designed by Woo Themes