Advanced Persistent Threats

Advanced Persistent Threats Targeting the Middle East: Tactics, Techniques and Recommendations for Countermeasures

Abstract:

This research analyses the tactics and techniques of Advanced Persistent Threat groups targeting the Middle East, focusing on improving regional cyber security practices. It evaluates security measures using the MITRE ATT&CK framework, threat intelligence feeds, and simulated attacks in a controlled environment simulating corporate networks. Through experimental testing methodology employing both quantitative and qualitative analysis approaches, the research executed 127 attack techniques against endpoints and 1,968 web-based attacks to evaluate detection capabilities. Testing revealed that only 6.3% of endpoint attacks were detected by security solutions, while just 41.4% of web attacks were blocked by the Web Application Firewall, highlighting significant gaps in existing defences and recommending adoption of more enhanced technologies.

Analyzing Disk-Minimal Malware in Phishing Attacks: A Forensic Methodology for Modern Cyber Threats

Abstract:

Today’s cyber threat landscape is characterized by advanced methodologies and attacks that inflict monumental damage on educational and financial institutions, healthcare systems, and information infrastructures. Among these threats, phishing remains the most effective initial vector for system compromise. The authors provide comprehensive insights into the evolving threat landscape and introduce an updated definition of fileless malware, referred to as disk-minimal malware. They propose a methodology for forensic examiners to identify and analyze the attack lifecycle of disk-minimal malware delivered through phishing attacks.

A Context-Centred Research Approach to Phishing and Operational Technology in Industrial Control Systems

Abstract:

Advanced persistent threats that leverage phishing against OT are cyberattacks that endanger critical infrastructure assets nationwide. Today phishing, a human focused exploit, constitutes 91%  of successful attack vectors against federal assets. This means Human-Introduced Cyber Vulnerabilities (HICV) are the weakest cyber link. The success of these attacks also suggests HICV are neither well understood nor mitigated. To characterise HICV and provide the necessary context in which they exist, this paper introduces a research approach derived from the mature sci-ence of social ecology. The desired end result of this research is an HICV-focused risk assessment framework.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com