Guest: Jose Barajas, Director, Global Sales Engineering at AttackIQ
Join Jonathan Reiber and Jose Barajas for Episode 4 of “Think Bad, Do Good” diving into the first adversary emulation plan developed at the Center for Threat Informed Defense. The target of this plan is none other than cybercrime group FIN6.
Click here to read the transcript: https://www.attackiq.com/wp-content/uploads/2020/09/tbdg-eps4-transcript.pdf
FIN6’s operations have been recorded since 2015. Their modus operandi includes stealing payment card data and then selling it on underground marketplaces. FIN6 is notorious for aggressively targeting and compromising point of sale (PoS) systems in the hospitality and retail sectors. As of last year, their operations have extended to compromising e-commerce merchants by placing malware on checkout pages. And like many active threat actors today, they are evolving to use more advanced methods. But with this emulation plan developed at the Center for Threat Informed Defense (or CTID), organizations within these at-risk industries can begin mounting effective, threat-informed preemptive measures against FIN6.
This emulation plan also represents a historic event: the first project that the CTID has released. This organization consists of representatives from the world’s leading cybersecurity companies researching threats (like those posed by FIN6) and developing the tools to counter them.
But how can cybersecurity teams actually take advantage of this new emulation plan and knowledge of FIN6? Jose and Jonathan explain the process and the benefits that an emulation plan tailored to a specific threat actor provides. The goal: to help align your defenses with the latest CTID research built upon MITRE ATT&CK.