{"id":42821,"date":"2021-09-13T16:00:47","date_gmt":"2021-09-13T16:00:47","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=97197"},"modified":"2021-09-13T16:00:47","modified_gmt":"2021-09-13T16:00:47","slug":"afternoon-cyber-tea-learn-how-to-stop-misinformation-threats-from-nation-state-bad-actors","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/afternoon-cyber-tea-learn-how-to-stop-misinformation-threats-from-nation-state-bad-actors\/","title":{"rendered":"Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors"},"content":{"rendered":"
<\/div>\n
\n

Information has long been wielded as an instrument of national power and influence. In today\u2019s digital world, misinformation can also be just as powerful.<\/p>\n

On a special episode of Afternoon Cyber Tea with Ann Johnson<\/a>, Sandra Joyce, Executive Vice President and Head of Mandiant Intelligence at FireEye joined me to talk about threat attribution and accountability when it comes to the use of technology by bad actors to help spread misinformation.<\/p>\n

As a US Air Force Reserve officer and faculty member at the National Intelligence University with four master\u2019s degrees in cyber policy, international affairs, science and technology intelligence, and military operational art and science, Sandra is an expert in understanding how nation-state actors leverage traditional and social media channels to erode confidence in free and fair elections. Sometimes, those bad actors will use these core values, such as freedom of speech, against us, according to Sandra. For instance, she recounts the story of a foreign group that used those values against the US by fabricating letters from concerned citizens to be published in US newspapers.<\/p>\n

In this powerful episode, Sandra discusses how threat actors are adopting new threat techniques\u2014shifting from signature malware to commodity malware\u2014and pivoting to smaller malware families that they hope will be overlooked by cybersecurity professionals. That combination will make it harder to detect threats amid the noise. She recommends that organizations research threats and undertake a threat profile on themselves to learn their vulnerabilities and the biggest threats that could target them. That can shape priorities. Using the metaphor of bank robbers, she says it\u2019s not so hard to rush the guards in a building but is hard to learn the location of the safe, get the combination to the safe, and escape undetected. The latter is where the bulk of business intrusion happens. Companies need to root out threats in that lateral stage.<\/p>\n

During our conversation, we also spoke about threat intelligence and what\u2019s involved in threat actor attribution. After recognizing a cluster of threat activity, there\u2019s a lot of work required to identify which organization or country is behind the threat. It usually takes months to collect information about the threat\u2019s techniques, infrastructure, and command and control (C2) channel, which is the channel a threat actor uses to commandeer an individual host or to control a botnet of millions of machines. For years, FireEye\u2019s Mandiant Threat Intelligence team has been tracking financial crime group Fin11, which deploys point-of-sale malware targeting the financial, retail, restaurant, and pharmaceutical industries. Both technical indicators and the targeting information prove useful in these investigations, in part as you learn about the bad actors\u2019 intentions. To learn what organizations can do to combat threats, listen to Afternoon Cyber Tea with Ann Johnson: Taking a \u201cwhen, not if\u201d approach to cybersecurity<\/em> on Apple Podcasts<\/a> or PodcastOne<\/a>.<\/p>\n

What\u2019s next<\/h2>\n

A new season of Afternoon Cyber Tea with Ann Johnson launches this October 2021 on The CyberWire! In this important cyber series, I talk with cybersecurity influencers about trends shaping the threat landscape and explore the risk and promise of systems powered by AI, IoT, and other emerging tech.<\/p>\n

You can listen to Afternoon Cyber Tea with Ann Johnson on:<\/h2>\n