Exploring the “Let’s Name and Shame Them” Intelligence Community Mentality – Keep it coming?

Is it just me or I think that what was once basically classified and sensitive information is becoming to make its way into the public space including the commercial sector for the purpose of disinforming or generating revenue for its owners including with the actual information and research making it in places where you could once dream of seeing it – such as for instance FBI’s Most Wanted Cybercriminals list? Keep reading.

When was the last time you really knew what APT (advanced persistent thereat) really means? Do you think it’s suitable even common for the FBI to actually feature major and prominent cyber espionage groups into its most wanted Cybercriminals list largely utilizing and using public sources or eventually based on complaints? Think twice before featuring these groups – or else everyone can make it in the FBI’s Most Wanted Cybercriminals list based on the research that they do which could possibly lead to a direct compromise of OPSEC (Operational Security) despite the given and offered rewards.

Let’s take a brief look at the FBI’s Most Wanted Cybercriminals list for 2020 and discuss in-depth the general mentality of “naming and shaming” bad actors including the rare cases where bad actors try to “name and shame” the good actors and discuss in-depth the intersection between law enforcement and the U.S Intelligence Community and the Security Industry in terms of obtaining and actually acting upon classified and potentially sensitive cyber threat intelligence in an attempt to raise more awareness on the actual usability and potential irrelevance and possible mockery of utilizing Security Industry driven cyber threat intelligence which basically comprises a decent port of the individuals and groups currently found on the FBI’s Most Wanted Cybercriminals Top List.

Find below related information on some of the key individuals currently on the FBI’s Most Wanted Cybercriminals Top List:

• Innovative Marketing
• Evgeniy Mikhaylovich Bogachev
• Syrian Electronic Army
• Iranian-Based Cyber Threat Actors

The threasure-throve of cyber threat intelligence information currently at the disposal of the U.S Intelligence Community can be also greatly attributed to the ongoing commercialization of the threat intelligence market segment with more vendors and feed providers actually joining this market segment potentially offering thousands of never-published before IoCs (Indicators of Compromise) and in-depth discussion and actual data-mining for advanced persisent threats which can be greatly described as passive vitual SIGINT and actual tactics techniques and procedures (TTPs) discussion which I’ve been basically doing for over a decade now.

How should the U.S Intelligence Community actually respond to the ongoing mockery and complete IP (Intellectual Property) theft in terms of the ongoing commercialization of the threat intelligence market segment? As I’ve once discussed before and actually participated in a Top Secret GCHQ Progam aiming to monitor public hacker and security expert Twitter feeds for OSINT (Open Source Intelligence) data called “Lovely Horse” the overall reliance on the commercial sector in combination with the academic sector could truly prove to be a valuable and extremely positive in terms of a potential central clearing-house of cyber threat intelligence events which could greatly mature into a commercial-academic and U.S Government private sector partnership with the U.S Intelligence Community potentially diversifying the technical know-how and potential sources of information citing possible National Security considerations in place.

It should be fairly easy to assume that the day advanced persistent threats (APTs) start popping-up on the FBI’s Most Wanted Cybercriminals Top List with tons of publicly obtainable or commercially available information and data on a given case we can easily begin to talk and discuss the actual OPSEC (Operational Security) compromise of the actual campaign to track down and prosecute the individuals behind a specific campaign.

With more vendors continuing to generate buzz including possibly sales on a per advanced-persistent-threat (APT) basis it should be fairly easy to assume that good old fashioned free and publicly accessible and obtainable sources of strategic tactical and operational cyber threat intelligence should continue to represent your daily read and daily visit.