{"id":1845,"date":"2023-10-06T19:47:00","date_gmt":"2023-10-06T19:47:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/predictive-analysis-can-reduce-risks-associated-with-data-breaches"},"modified":"2023-10-06T19:47:00","modified_gmt":"2023-10-06T19:47:00","slug":"predictive-analysis-can-reduce-risks-associated-with-data-breaches","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/10\/06\/predictive-analysis-can-reduce-risks-associated-with-data-breaches\/","title":{"rendered":"Predictive Analysis Can Reduce Risks Associated With Data Breaches"},"content":{"rendered":"<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/10\/predictive-analysis-can-reduce-risks-associated-with-data-breaches.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p><strong>PRESS RELEASE<\/strong><\/p>\n<p><strong>Helsinki, Finland \u2013 October 5, 2023:&nbsp;<\/strong>Thanks to the increasing professionalization of cyber crime, predicting the actions of attackers based on profiling is becoming more challenging for cyber security practitioners. To help address the challenge,&nbsp;<a href=\"https:\/\/www.withsecure.com\/us-en\/home\" target=\"_blank\" rel=\"noopener\">WithSecure<\/a>\u2122 (formerly known as F-Secure Business) has published a new study that demonstrates an alternative model of predicting how attacks unfold.<\/p>\n<p>In recent years, the cyber crime industry has become increasingly service-oriented*, where different threat actors provide specialized services to one another. Consequentially, it\u2019s become increasingly difficult for security analysts to understand attackers and the threat they pose based strictly on their use of a particular tactic, technique, or procedure (TTP).<\/p>\n<p>It\u2019s a trend that WithSecure\u2122 Intelligence Senior Researcher&nbsp;<strong>Neeraj Singh<\/strong>&nbsp;says is likely to get worse.<\/p>\n<p>\u201cYou also have to consider that attackers are constantly expanding their toolkits to include new resources to use in attacks. That means they have more avenues to pursue an attack than ever before. These types of changes make traditional profiling techniques, where you understand and predict specific types of attacks by associating them with particular TTPs or toolsets, less effective,\u201d he explained.&nbsp;<\/p>\n<p>A new WithSecure\u2122 study on common tactics and toolsets observed in data breaches demonstrates an alternative approach to predicting how cyber attacks can unfold.<\/p>\n<p>Using data collected from cyber attacks observed by WithSecure\u2122 in 2023, researchers were able to correlate tactics\/toolsets used together in attacks\u2014correlations that provide a foundation for further analysis.<\/p>\n<p>For example, researchers found that both discovery and collection commonly lead to exfiltration and command and control tactics, indicating adversaries\u2019 reliance on information that\u2019s gathered and stolen from the victim\u2019s machines and sent back to the attackers\u2019 to perform their next steps in an attack lifecycle.<\/p>\n<p>According to Singh, correlations like these can provide a sound basis for making further predictions about different attack paths taken during attacks.<\/p>\n<p>\u201cMachine leaning can build on traditional data analysis techniques to train predictive models that can determine the likelihood of different tactics and toolsets being used on different premises. That\u2019s the kind of preparation that organizations can use to begin reducing the risk of attackers using certain approaches against them,\u201d explained Singh.<\/p>\n<p>The study,&nbsp;<em>Unveiling the Arsenal: Exploring Attacker Toolsets and Tactics<\/em>, contains information about the most common tactics and toolsets observed in attacks during 2023, walkthroughs for a variety of security incidents investigated by WithSecure\u2122, and security advice for organizations. The full study is available at&nbsp;<a href=\"https:\/\/www.withsecure.com\/en\/expertise\/research-and-innovation\/research\/unveiling-the-arsenal-exploring-attacker-toolsets-and-tactics\" target=\"_blank\" rel=\"noopener\">https:\/\/www.withsecure.com\/en\/expertise\/research-and-innovation\/research\/unveiling-the-arsenal-exploring-attacker-toolsets-and-tactics<\/a>.<\/p>\n<p><em>*Source:&nbsp;<\/em><a href=\"https:\/\/www.withsecure.com\/en\/expertise\/research-and-innovation\/research\/the-professionalization-of-cyber-crime\" target=\"_blank\" rel=\"noopener\"><em>https:\/\/www.withsecure.com\/en\/expertise\/research-and-innovation\/research\/the-professionalization-of-cyber-crime<\/em><\/a><em><\/em><\/p>\n<p><strong>About WithSecure\u2122<\/strong><br \/>WithSecure\u2122, formerly F-Secure Business, is cyber security\u2019s reliable partner. IT service providers, MSSPs and businesses \u2013 along with the largest financial institutions, manufacturers, and thousands of the world\u2019s most advanced communications and technology providers \u2013 trust us for outcome-based cyber security that protects and enables their operations. Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. With more than 30 years of experience in building technology that meets business objectives, we\u2019ve built our portfolio to grow with our partners through flexible commercial models.<\/p>\n<p>WithSecure\u2122 Corporation was founded in 1988, and is listed on NASDAQ OMX Helsinki Ltd.<\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/predictive-analysis-can-reduce-risks-associated-with-data-breaches\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PRESS RELEASE Helsinki, Finland \u2013 October 5, 2023:&nbsp;Thanks to the<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-1845","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1845"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1845\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}