Paper title

Using cyber threat intelligence to support adversary understanding applied to the Russia-Ukraine conflict

Paper author

Carlos, Oscar Sandoval

Paper abstract

In military organizations, Cyber Threat Intelligence (CTI) supports cyberspace operations by providing the commander with essential information about the adversary, their capabilities and objectives as they operate through cyberspace. This paper combines CTI with the MITRE ATT&CK framework in order to establish an adversary profile. In addition, it identifies the characteristics of the attack phase by analyzing the WhisperGate operation that occurred in Ukraine in January 2022, and suggests the minimum essential measures for defense.
