Wed, Oct 16, 2019
The Cyber Threat Landscape – An Introduction
Hackers, cybercriminals, ransomware, cyberterrorism, state-sponsored cyberespionage, hacktivism: we hear these terms constantly. Cyber incidents have become newsworthy because virtually everyone’s personal data has been compromised in one or more of the thousands of incidents that have occurred over the years, only some of which have been made public.
Executive Summary
Oct 16, 2019
Cyber Incident Actors: Who Are They?
Oct 16, 2019
Insider Actors
Oct 16, 2019
Cyber Incident Methods
Oct 16, 2019
The Life Cycle of an Attack
Oct 14, 2019
Monitoring the Threat Environment
Oct 14, 2019
- View all articles

Every system that uses digital technologies – whether it involves centralized servers with immense processing power and storage capabilities or information we store and transact on our smartphones – has vulnerabilities associated with it. Some of these are well known and understood; others are constantly emerging. The reality is that a system that was considered secure yesterday may be insecure this morning because a new, previously unknown hardware or software issue (called a zero-day vulnerability) has been identified.
Systems are compromised by attackers for many reasons. A disgruntled current or former employee with a grudge wipes out a key file or program. A nation-state actor compromises a company’s competitive bidding system and provides its forthcoming bid to a competitor in its country. A hacker compromises huge numbers of payment card accounts and offers them for sale on the dark web. A criminal tricks someone at a help desk into providing them with access codes. A misconfigured system allows an intruder to go from a portion of a system that monitors environmental conditions in one location to one that stores sensitive financial information. These all have happened and continue to happen.
In this chapter, we share our collective insight spanning the public and private sectors, different parts of the world, and diverse industry backgrounds and experience of more than 40 years investigating and responding to cyber incidents.
The questions we cover are: Who are the suspects? What kinds of threat-actors are out there targeting our systems? Is there some logic in how they select victims? In how they attack? Why are so many attacks successful?
Source
An extract from the first edition of The Guide to Cyber Investigations. The whole publication is available at Global Investigations Review.
Cyber Risk
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Cyber Risk Assessments
Kroll's cyber risk assessments deliver actionable recommendations to improve security, using industry best practices & the best technology available.
CyberDetectER
Proactively monitor, detect and respond to threats virtually anywhere – on endpoints and throughout the surface, deep and dark web.
Virtual CISO (vCISO) Advisory Services
Kroll’s Virtual CISO (vCISO) services help executives, security and technology teams safeguard information assets while supporting business operations with augmented cyber expertise to reduce business risk, signal commitment to data security and enhance overall security posture.