
So Blatant It's Covert: Applying Classic Human Intelligence Tactics in Cyber Threat Intelligence Investigations.pdf

Uploaded by: 可*** ID: 991915 2025-12-07 34 pages 5.30MB

It's so overt, it's covert: Leveraging classic HUMINT tactics in CTI investigations
01 28 2025

ABOUT US
Eliska PUCKOVA, Cyber Threat Intelligence Specialist
Julien MASCARO, Security & Forensic Investigator, OSINT Lecturer

DISCLAIMER
The views and opinions expressed in this presentation are solely ours and do not reflect the official policy or position of anyone else or any organization. Our viewpoint is the one of Cyber Threat Intelligence operatives.

AGENDA
1. CyberHUMINT: Unpacked
2. Pitch & Prepare
3. Handle sources, avoid pitfalls
4. Go with the (CTI work)flow
5. Key takeaways

01. CYBERHUMINT: UNPACKED

HUMINT & CyberHUMINT
*CyberHUMINT operation = OPS

HUMINT (Human INTelligence)
Intelligence gathering from human sources
Active engagement with sources in-person
Relies on trust, personal connections with sources, and interpersonal skills
Proactive intelligence gathering

CyberHUMINT
HUMINT adapted to the online realm
Active engagement with sources online
Relies on trust, personal connections with sources, interpersonal skills, and OPSEC
Proactive intelligence gathering which leverages online anonymity & easier access to remotely located sources
Active Defense

UNVEILING A CYBERHUMINT USE CASE
Phase 1, Phase 2, Phase 3, Phase 4
INFILTRATION: Negotiated access to a private Discord server

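According to the report, the document mainly discusses the methods and challenges of applying classic human intelligence (HUMINT) tactics in cyber threat intelligence (CTI) investigations. The key points are:
1. **HUMINT and CyberHUMINT**: HUMINT is the gathering of intelligence from human sources, while CyberHUMINT applies HUMINT tactics to cyberspace, taking advantage of online anonymity and remote access to sources.
2. **Case study**: The document uses a case to show the workflow of a CyberHUMINT operation, including infiltration, mapping the malicious ecosystem, addressing priority intelligence requirements, and interference and disruption.
3. **Challenges and risks**: Carrying out a CyberHUMINT operation involves risks such as compliance, reputational risk, operational risk and ethical risk.
4. **Operational framework**: The document proposes an operational framework that includes identifying needs, drafting a framework document, discussing with stakeholders, drawing up an operational plan, developing infrastructure and defining an exit strategy.
5. **Source information collection**: It stresses the importance of choosing suitable sources, considering motivation, trust, influence within the community, accessibility and relevance to the target.
6. **CTI workflow**: CyberHUMINT is combined with the CTI workflow to improve cybersecurity through analysis, classification, validation, tailored insights and assessment of contribution.
7. **Key takeaways**: Ensure that operations follow clear guidelines and are backed by key decision-makers, so that they deliver critical intelligence and improve cybersecurity.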