In the previous two articles in this series, we examined the Iranian and Nigerian Advanced Persistent Threats (APTs) under a sociohistorical lens in order to better understand the various drivers that instigate their threat activity. Today, we examine Russia under the same optic, to see if we can gain more insight than the traditional Technique, Tactic, and Procedure (TTP) game of whack-a-mole generally provides.
Having examined the underpinnings of Iranian culture and the nexus with its corresponding Advanced Persistent Threat (APT), we turn our eyes towards Africa. Although Nigeria is often overlooked as an APT, elements of its postcolonial realities have contributed to an advanced criminal underworld.
In research on advanced persistent threats (APTs), the common analytic angle has always been to identify malware and infrastructure techniques, tactics, and procedures (TTPs), and to develop detections. While this is effective for big player APTs such as Russia and China, it results in a game of whack-a-mole, as blocking known TTPs necessitates identifying new ones. Without an understanding of the human factors involved, the work becomes an endless game of cat and mouse.