Attribution Part II: Don’t overthink it

  • 29 November 2016
See Also - Attribution, and when you should care: Part 1
 
Posted November 29, 2016 by William Tsing

Last time, we took a look at a few common mistakes that are easy to make when trying to attribute cyber attacks. To recap:

Don’t:

  • Panic over one indicator
  • Chase unrealistic threat models (Are you a cleared defense contractor or a law firm servicing one? No? Then APTs are probably not for you.)
  • Demand unambiguous data before implementing mitigations. You will not get it, and you will annoy your SOC.

So let us try to see if we can do better. Here’s a banking-themed phish a colleague received back in July.
 
                                 


 