In military organizations, Cyber Threat Intelligence (CTI) supports cyberspace operations by providing the commander with essential information about the adversary, their capabilities and objectives as they operate through cyberspace. This paper, combines CTI with the MITRE ATT&CK framework in order to establish an adversary profile. In addition, it identifies the characteristics of the attack phase by analyzing the WhisperGate operation that occurred in Ukraine in January 2022, and suggests the minimum essential measures for defense.
翻译:在军事组织中,网络威胁情报(CTI)支持网络空间行动,向指挥官提供关于对手、其能力及在网络空间中活动的目标的基本信息。本文将CTI与MITRE ATT&CK框架结合起来,以建立对手特征。此外,它通过分析2022年1月在乌克兰发生的WhiseperGate行动,确定了攻击阶段的特点,并提出了最基本的防御措施。