Thursday Apr 11, 2024
Adversary Attribution: What It Means and How It Works
Today’s conversation explores a common question around adversary activity: Why does attribution matter? When a cyberattack hits, why go to the trouble of learning who is behind it? Each attempt at an intrusion can reveal a lot about an adversary — who they are, what they’re doing and what their motivations may be.
This information can not only inform your response to an attack but how you strengthen your security architecture against future attacks. In this episode, Adam and Cristian discuss the importance of knowing who the adversary is and what they’re after.
They go back to the early days of adversary attribution, explain how adversaries are tracked as their activity changes over time and examine the value of this intelligence in helping organizations succeed in the face of evolving cyber threats.
The tool Adam mentions at the end of this episode can be found at https://adversary.crowdstrike.com/