Proactively Digging in the U.S Cyber Warfare Realm – And How You Can Perform Better?

16 Apr 2019 By Dancho Danchev

Do you want to become a major Cyber Warfare player? Do you want to effectively assist your Unit organization or nation in becoming a major Cyber Warfare power? Keep reading.

In this tutorial we will walk you through the basics of Clandestine and Covert Online Operations for the purpose of gaining a tactical and strategic advantage over your friends and enemies including your company and organization’s competition for the purpose of getting the upper hand in upcoming negotiation acquisition of “know-how” through Talent Management and Technical Collection proactively positioning you your company and organization including your nation as a prominent Offensive Cyber Warfare Power in today’s modern Information and Data-driven World.

I’ll also provide practical examples in case you’re on a possible acquisition spree or might be interested in what would a company or an individual in question do next?

Keep reading!

The main type of Offensive Cyber Warfare Operations include:

  • Acquisition Spotter – interested in finding new ways to purchase and acquire new Information Security companies and services further expanding your organization’s portfolio of services? Keep reading. It should be noted that active monitoring of a company’s Competitive Network of Intelligence should become your day one priority. How you can perform better? Do you like going through company Press Releases including Investor Meeting documents and presentations further gaining a Competitive advantage over the company including your competitors? Keep reading. It should be noted that a vast “treasure trove” of Competitive Intelligence information could always be found in a Company’s Press Release Section including possible Investor Relations material. Shall we take a moment and use a proper example? Keep reading. Geographical-based events based on publicly obtainable Press Releases could easily plot a company’s current and long-term strategy on a map including partnerships and upcoming integration partnerships that could be used to map and keep track of the competition including possible “territory expansion” Sales and Customer Service type of activity and acquisition including possible experience and expertise understanding on what might the individual or organization in question do next in terms of possible company acquisitions and talent and ‘know-how” acquisition. Shall we use an example? Are we ready to hit them back? Depends on who you’re really dealing with. In this particular case we can use Northrop Grumman’s Investor relations “relevations” for the purpose of empowering the U.S DoD and the U.S Intelligence community with the necessary “know-how” to launch and conduct offensive cyber warfare utilizing “restricted payload” further improving an operator’s status and observance of cyber space including possible virtual “theater operations”. What does really mean? It basically means that one of the major and leading military defense contractors seems to be basically busy utilizing basic OSI model exploitation principles for the purpose of earning additional revenue further positioning itself as a major cyber warfare service provider. What type of tactics techniques and methodologies do they really rely on? It’s fairly easy to assume that on the majority of occasions major military defense contracts might be definitely looking forward to “borrowing” technical and strategic “know-how” from a variety of sources including security researchers and the Security Industry in general. A sample “utilization” of this publicly obtainable trade-craft might have to do with utilizing OSINT for capability building including a proactive based “malicious” and classified payload development based on publicly obtainable statistics on some of the most popular devices and browser user-agents currently in use – to further position the defense contractor as a leading provider of proactive classified payload type of provider. What does “classified payload” really mean? It can be best described as a novel use of an outdated and already established methodology courtesy of fellow security researchers and the Security Industry – this time positioned to be further enhanced and utilized by the U.S Intelligence community. A possible example might be the “borrowing” of tactics utilized and used by some of the market leading Web malware exploitation kits – further enhancing a possible “classified” payload solution with a modified and enhanced payload in a targeted and capability-building capacity. Keep reading. In the second example that we’ll use in this case – we’ll further detail a possible information leak from a possible competitive intelligence type of perspective – namely General Dynamics utilization of Microsoft antivirus and McAfee on proprietary and classified networks further exposing these networks and endpoints to well-known monocultural vulnerabilities and flaws. The relevance? Think twice. With Microsoft’s struggling to perform on the antivirus market segment next to another vendor namely McAfee – it should be noted that these type of information leaks in the face of a possible high-level contractual-based government-type of agreements would eventually do more harm than good in the context of exploiting actual software-based including malware-signatures bypassing in the context of QA (Quality Assurance) and benchmarking applied on behalf of nation-state and rogue cyber actors. What does this constitute? It’s fairly simple to conclude that based on the current state of U.S-based Cyber Warfare and the ongoing departamentalization currently taking place within the U.S Intelligence community the agency in question would be definitely positioned to be proactively exploited and become a main target of notice within the U.S Intelligence community with other agencies and departments seeking to gain access to a fellow agency’s network citing potential monocultural flaws and vulnerabilities.
  • Trends Acquisition and Monitoring – are you a fan of “Security Trends” and the self-described “Security Predictions” periodically issued to the rest of the Security Industry? With PR departments continuing to “work” the Security Industry on a daily basis – it should be noted that one PR department’s press release can be easily converted in a possible trend and acquisition spotting methodology. What does really mean? It means that prior to go through the very latest and greatest Security Trends – you should definitely keep an eye on the following factors – for instance whether the vendor is piggybacking on a popular buzz-word such as for instance ransomware and whether or not the vendor is actually pitching a new platform solution which should be monitored and potentially researched from a competitive intelligence type of perspective including possible capability-building perspective. Let’s use the following examples to demonstrate the case. In the first example we’ve got several Security Trends type of articles whose value basically lies in a demonstration of basic modern 21st century Security Industry principles known as “AI and Machine Learning Will Drive Most Cyber Security Efforts” including possible automation – “Embracing automation” in the context of scaling Cyber Security Operations through the utilization of SOC centers including threat intelligence automation and possible orchestration. What does really mean from a potential Cyber Warrior perspective? It means that a potential cyber warrior should definitely try to properly research the platforms in question including basic threat intelligence automation and orchestration principles and either join the job market as a potential competitive prospective or launch a threat intelligence company on their own based on their research. It should be also noted that in terms of AI and Machine Learning potential cyber warriors should avoid falling victim to a particular set of buzz words for the purpose of improving their own market segment competitiveness and possibly either join the job market as a competitive research-based driven prospect or actually launch a company on their own.
  • Shredding Light on Current Cyber Espionage Attack Vectors – Interested in finding out more the latest technically-relevant cyber espionage attack vectors without the need to get a career in Information Security and Cybercrime Research? Keep reading. It should be noted that potential cyber warriors should definitely stay up-to-date with the latest events in the world of espionage and should definitely continue figuring out proper ways to keep in technical in terms of attack and propagation vectors for the purpose of improving their own market segment competitiveness. Let’s use the following example – further demonstrating a common trend namely the re-branding of good old fashioned cyber espionage campaign launched by a sophisticated adversary compared to the today’s “modern” APT (advanced persistent threat) which is basically script kiddies utilizing off-the-shelf and most commonly known as proprietary RAT (remote access tool) publicly obtainable at a variety of cybercrime-friendly online communities. What does this mean? It means that basic old-fashioned propagation and infection vectors including the utilization of outdated and already patched client-side based vulnerabilities including the use of newly discovered flaws continues getting utilized this time successfully empowered by the open-source based malicious and fraudulent releases often available as-a-service for the purpose of empowering a new generation of cybercriminals and script kiddies with the necessary tools to launch an offensive cybercrime-friendly attack. How you can perform better? Consider sticking to basic offensive cyber warfare principles and do your research in a variety of areas – most importantly attempt to keep in as technical as possible in the context of empowering your organization with the necessary threat intelligence to stay ahead of current and emerging cyber threats.
  • Cyber Security Corporate Job and Career Sentiment Research – Do you want to be like the others? Do you want to become a cyber warrior? Keep reading. Based on a general perception that we can all be whatever we really want to be – it should be fairly easy to conclude that a vast majority of readers including Unit-123.org readers can quickly aim to build capabilities based on “information leaks” that can further position the individual as a competitive work-force type of individual successfully acquiring “know-how”? What does constitute an “information leak”? In this example we’ll go through a variety of job openings from leading cyber security companies for the purpose of establishing the foundations for a successful “know-how” acquisition and talent management acquisition from the perspective of competitive intelligence perspective. Let’s take for instance Cyberint’s current Cyber Intelligence Analyst job opening in the context of this example – and further elaborate more on how you should go for interpreting the job career opening in the context of possible application or a possible capability-building. What does this position really mean? Let’s take a moment and go through the actual job description – “managing, monitoring and analyzing US customer’s KPIs using CyberInt’s unique intelligence platform“. What does really mean? It means that the individual in question will be definitely looking forward to loosing some of his professional edge for the purpose of digging deep into the vendor’s Threat Intelligence Platform potentially limiting the scope and dimension of his research to a variety of vendor and market-driven research-based topics only. Potential Cyber Warriors interested in becoming vendor-centric type of researchers should definitely consider a “Lone Gunmen” type of career further diving deep into the trenches of cyber warfare and information security in general. Let’s further discuss yet another job proposition from the perspective of cyber warfare capability-building “Leverages advanced investigative skills to initiate pivoting analysis on Threat Intelligence to identify current impact or proactively process mitigations for defense through security technologies and proactive mitigations including zero-day patching identification and anomalous behavior.” meaning that the individual in question should definitely look forward to achieving a decent understanding of zero day exploitation including possible network-based anomaly detection further enhancing his skill set and possibly acquiring new career opportunities. In the last example for this particular case we’ll detail a pretty decent U.S Intelligence community-based career opportunity and will offer a practical insight on how you can perform better. What does this position really mean? It means that a pretty decent portion of your time will go for the common good in this particular case – profiling and analyzing cybercrime groups and campaigns and their online activities.
  • Social media trends and news discovery – It should be clearly evident that a highly competitive prospective offensive cyber warrior should be on the top of the latest cyber security events and attacks currently taking place. How you can perform better? Consider utilizing basic OSINT concepts including proper news and social media monitoring services to further improve your situational awareness and market segment competitiveness. Let’s use the following examples to further catch up with some of the current events within the shady World of Cyber Warfare. Proper keywords to search for include “NSA” “cyber warfare” “APT” “malware” and “cyber espionage” that would further allow a potential cyber warrior to easily catch up with the latest developments in the world of Cyber Warfare further improving his situational awareness on current and emerging threats. How should a potential cyber warrior proceed in terms of further processing the associated data? Let’s use the following example. For instance
  • SIGINT “assets discovery” analyst – Interested in finding out the latest data including technical know-how in terms of the latest and most active malicious and offensive cyber campaigns? Keep reading. It should be noted that good old fashioned OSINT methodologies including the general availability of RSS readers can come handy in the process of proactively keeping yourself up-to-date in terms of the latest current and emerging cyber threats. Among the key requirements for becoming a SIGINT “assets discovery” analyst in terms of offensive Cyber Warfare perspective is to “follow the trail” not necessarily the money in terms of keeping yourself up to date with the latest developments in terms of a particular offensive and malicious cyber campaign.

Do you want to learn more about clandestine and offensive Cyber Warfare operations including possible OSINT methodology and trade-craft?

Feel free to approach me dancho.danchev@hush.com

Post Views: 20

Leave a Reply

Your email address will not be published. Required fields are marked *

Unit-123.org E-shop Owner Information

Who is Dancho Danchev?

Unit-123.org

Focused on delivering daily batches of personally-produced never-ending supply of high-quality and never-published and released before classified and sensitive Intelligence Deliverables.

Latest Products