Quick Global Cyber Threat Intelligence Observations 22-23

Cyber Attack Vectors
What is Zero Trust Network Access
Zero Trust Network Access Software Defined Perimeter
Zero Trust Implementation by DOD and Cyber Command
Quick CT landscape
Pentagons Zero Trust
CT Mind Map

The dramatic surge in open source software supply chain attacks has sent defenders scrambling to find mitigations and solutions.

Software supply chain attacks increased by 742% at a time when we depend on open source software to build 97% of all enterprise code.

Security debt is a real problem for most organizations in the world today and the attackers will utilize this to their advantage. The more vulnerabilities a company has, the more likely it is that a malicious actor will take advantage of them. Security debt increases the risk of hackers gaining access to a company’s network, meaning the risk of a potential data breach soars.

To prevent security debt from building up, defenders must keep system hygiene front of mind and focus on proper network zone segmentation, essentially building a zero-trust networks.

Distributed denial of service attacks, or DDoS attacks, see malicious actors attempt to disrupt a site by overwhelming its infrastructure with a large amount of internet traffic. As DDoS attacks overwhelm a site’s bandwidth, this prevents users from accessing it.

Cloudflare Blocks Record DDoS Attack as Threats Surge

The attacks, which originated from more than 30,000 different IP addresses, targeted websites including a gaming provider, cryptocurrency companies, hosting providers, and cloud computing platforms

In today’s interconnected world, critical infrastructure is under constant threat from cyberattacks that can compromise the availability, integrity, and confidentiality of essential systems and services. As a result, governments around the world are implementing regulations to protect these vital assets from harm.

With a predicted 25.4 billion active Internet of Things (IoT) devices worldwide in 2030, companies should be looking to protect it as a rapidly growing asset and target for cyber attacks.

Research by Nozomi Networks Labs for its OT/IoT security report has found that in the latter half of 2022, IoT devices were frequently targeted by malicious actors aiming to gain control of them. Likewise, Operational Technology (OT) systems were a similar target due to their ability to destabilize a company’s network.

The ever-present threats of ransomware and data breaches make it imperative to lock down systems and prevent attackers from gaining a foothold. Hardening a system means reducing its attack surface and implementing defence in depth, preventing an entire system compromise.

The Domain Name System (DNS) is one of the oldest internet infrastructures, and often overlooked in security. However, through it passes an incredible amount of attack traffic. Attackers often use DNS to conduct command and control (C2) communication, download malware onto a machine, and facilitate multistage attacks.

State of the Internet (SOTI) report to gain insights into malicious DNS traffic and its potential impact: By Akamai.

26% of infected devices have reached out to identified initial access broker (IAB) C2 domains, including Emotet- and QakBot-related domains.
IABs present a large risk to organizations, as their primary role is to do the initial breach and sell access to ransomware groups and other cybercriminal groups.
30% of affected organizations are in the manufacturing sector — twice as many as the second-largest vertical.
Network-attached storage (NAS) devices are ripe for exploitation, as they are less likely to be patched and hold troves of valuable data. Our data shows attackers are abusing these devices through QSnatch.

Malware is a fast-growing, ever-evolving threat to cyber security. In the first six months of 2022, over 2.8 billion malware attacks were reported worldwide. Beyond risks to their network, malware like ransomware can have real, monetary costs for businesses. In 2021, damages of ransomware alone cost US$20bn. This was a 6054 percent increase on the global cost of ransomware in 2015, which was $325mn.


“Cybersecurity remains at the top of every organisation’s agenda. Google Cloud’s unique capabilities and expertise can help organisations, large and small, in the public or private sector, address today’s most prominent security challenges and imperatives:

Complete End to End Cyber Threat Intelligence Solution – Virustotal + Chronicle + Siemplify

The U.S. government has improved its alert process for emerging cyberthreats to the United States and its allies and partners around the world—with the U.S. Computer Emergency Response Team (US-CERT) alert system and the MITRE ATT&CK framework at the center. In response to a new threat, US-CERT uses MITRE ATT&CK to describe observed adversarial tactics, techniques, and procedures (TTPs).

Describing adversary behavior using the CTI knowledge base is a cornerstone of the threat-informed defense paradigm. Techniques rarely occur in isolation, and instead, the attacker typically uses each technique to pave the way for others as they pursue their ultimate objectives.

Emotet continues to be used in wide broad-based attacks against victims in all sectors across the world.
The infamous botnet has been disrupted thanks to an international effort across the US, Canada, and several European nations.

Quick recap of Global Cyber Threat Intelligence brainstorms (2019-2022) by https://1Power.substack.com and https://easytech4all.net

US Federal Agencies. Security Organisations
US Cyber Command.NSA.US Dept of Homeland Security.Department of Defense . Secret Service CID. CISA.FBI


UN Security Council Cyber Threats Debate –

UNIDIR Cyber Stability Conference 2021 & AI Disruption Peace Security (innovations dialogue) 2022


Importance of Information and Communication technologies .

NATO Locked Shields 2022


Cyber Polygon with World Economic Forum and INTERPOL


White House National Cybersecurity Strategy


Countering Ransomware with Department of Homeland Security , Cybersecurity and infrastructure Security Agency , Federal Bureau of Investigation , SecretService Criminal Investigation Department

Cyber Essentials by Cybersecurity and Infrastructure Security Agency and Department of Homeland Security.

Ransomware Attackers Defenders – FBI’s perspective

US Cyberspace Solarium Commission

UK Cybersecurity Association with Digital Police Center.

Fourth Annual Cybersecurity Summit by Cybersecurity and Infrastructure Security Agency .

Fourth CEO Summit – USA

State of American Business 2023

Challenges faced by Government and international LAW Enforcement

Intelligence and National Security Alliance (INSA) 2022 UPDATE

What is Advanced Cyber Threat Intelligence ?

Accreditations Webinars LMS – Cybersec CTI

Google Cloud Security Summit with Chris Inglis (National Cyber Director , Executive office of the US President)


Security information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. Vendors sell SIEM as software, as appliances, or as managed services; these products are also used to log security data and generate reports for compliance purposes. The term and the initialism SIEM was coined by Mark Nicolett and Amrit Williams of Gartner in 2005.


Zero Trust Architectured Networks by Cybersecurity and Infrastructure Security Agency

1PowerCyber and Easytech4all Global CTI Research & Analysis.

Mapping Global CTI Landscape and Visual Trends

International Cyber Threat Intelligence Brainstorms

Safe and Secure Digital Ecosystem for Schools by US Department of Homeland Security and Department of Justice

Global Cyber Threat Landscape

CyberKinetic and 5G



Cyber Independence and Freedom

Cyberattacks and Critical Infrastructure (Reading & Resources)

Space Threats and Satellite Navigation Systems


Comsec Protocols and Paradigms


Advanced Cyber Threat Intelligence Landscape and Updates via Digital Magazine by 1PowerCyber for Easytech4all.net


Advanced Cyber Threat Intelligence Research Analysis Assessment and Projections . Video Playlist .


Advanced Cyber Defense Threat Intelligence Blog in Progress






Clarke R.A, K. R. (2010). Cyber war: the next threat to national. eCCO.

Clarke, R. (2011). Cyber War: The Next Threat to National Security and What to Do About It. Harper Collins.

Cybersecurity and Infrastructure Agency. (2021, October 15). CISA HOME. Retrieved October 14, 2021, from https://www.cisa.gov/about-cisa

Gazula, M. B. (2017). Cyber Warfare Conflict Analysis and Case Studies. Massachusetts Institute of Technology .

Jeremy Rabkin, A. R. (2016). Hacking Back Without Cracking Up. Aegis Paper Series No. 1606.

Kukuh Ugie Sembodho, A. T. (2021). The Limitation of United States Deterrence Strategy Towards North Korean Cyber . Global Strategis, p. 150.

Libicki, M. (2009). Cyberdeterrence and cyberwar. Santa Monica: The Rand Corporation.

M, T. (2012). An analysis for a just cyber warfare in Cyber Conflict (CY-CON). , 2012 4th International Conference on,, (pp. 1-10).

National Security Agency. (2021, October

14). NSA Home.

Parks R, D. D. (2011). Principles of cyberwarfare, security privacy. IEEE, 30-35.

Rid, T. (2012, March). Think Again: Cyberwar. Foreign Policy , pp. 80-84.

Sanger, D. (n.d.). The Perfect Weapon: War, Sabatoge, and Fear in the Cyber Age. New York: Crown Publishers.

Schmitt, M. (2014). The Law of Cyber Warfare: Quo Vadis? Stanford Law & Policy Review, 269-270.

Tallin Mannual. (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations.

The White House. (2011, April). National Strategy for Trusted Identities in


The White House. (2021). Improving the Nation’s Cybersecurity. Federal Register Vol. 86.

Trautman, L. J. (2016, April). Cybersecurity: What About US Policy? Journal of Law, Technology & Policy, p. 344.

US Cyber Command. (2021). US Cyber Command Mission. Retrieved from https://www.cybercom.mil/About/Mission-and-Vision/


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s