
Analysts consider best practice for cyber-threat research

31 August 2017
A selection of screenshots of currently available crypter programs, used to conceal the nature of malware to defeat anti-virus systems. More advanced features include anti-analysis capabilities intended to defeat the techniques researchers use to examine malware, for example by penetrating virtual machines or sandboxes, underlining the risks involved in researching cyber threats. Source: Rodrigo Bijou

Key Points

  • Analysts examining cyber threats are required to work with sources that are at risk of manipulation through deliberate disinformation campaigns, or which are potentially malicious to view or interact with.
  • The increasing sophistication of state-based or -backed cyber adversaries applying intelligence tradecraft has created additional challenges for analysts conducting research and producing analysis on cyber threats.
  • Best practice for analysts would include practising sound operational security, establishing ‘ground truth’ in digital evidence and verifying sources, and working with an in-depth understanding of the requirements of the customers using their analyses.

Analysts at private organisations and public agencies are increasingly tasked with researching cyber threats.
