IT security research stumbled into the world of nation-state intelligence operations more or less by accident. In a now classic
VB2015 paper
, Juan Andres Guerrero-Saade discussed this shift from security research to intelligence brokerage and what this implied.
Juan Andres has been a regular speaker at the VB conference since then, and has given talks on
false flags
and
fourth party collection
. Now a researcher for
Chronicle Security
, at
VB2018
in Montreal Juan Andres presented a long and very well researched
paper
(it contains 87 footnotes and 94 references) looking at the language we use to describe APT threat actors.
In the paper, and in his presentation, Juan Andres argued that the language we use to describe APT threat actors often focuses on the wrong things. For example, actors are described as ‘sophisticated’, but it is far more meaningful to discuss whether their operations are automated or whether they make manual mistakes. He also argues that we shouldn’t see threat actors as static but acknowledge they are dynamic and often change in significant ways.
You can read Juan Andres’ paper in
HTML
and
PDF
format. We have also uploaded the video of his VB2018 presentation to our
YouTube
page.
A call for papers for
VB2019
(London, 2-4 October) will open later this month. Sponsor/partner opportunities for VB2019 – the most international threat intelligence conference – are
available
.
Leave a Reply