Melting the ‘deep and dark web’ myth and why we hate the phrase

By Michael DeBolt, VP of Intelligence of Intel 471. It’s not deep. It’s not dark. It’s not the ominous underside of an iceberg. The deep and dark web, or simply the “underground,” as we like to call it at Intel 471, is an organized ecosystem of products, services and goods consisting of real life suppliers

No, the criminal underground isn’t dropping its use of Bitcoin anytime soon

By Mark Arena, CEO of Intel 471. I recently read an article which claimed the “criminal underworld” was dropping its use of Bitcoin. In the past month, Intel 471 has looked closely at the criminal underground to identify if Bitcoin was still strong in its use and whether there were any up-and-coming cryptocurrencies that were

Naming malware: What’s in a name?

By Mark Arena, CEO of Intel 471. This week’s incident with Petya/NotPetya/GoldenEye/Nyetya/Petrwrap has reignited the debate about how security companies name malware. In my opinion, the security industry’s use of different names for the same thing isn’t good for either customers or the industry at large, and it’s something that could be solved without too

Being a cyber threat intelligence analyst and operating in the fog of uncertainty

By Mark Arena, CEO of Intel 471. A lot has been said, blogged and marketed on WannaCry ransomware with many pointing fingers at who they think might be behind it. The objective of this blog isn’t to critique, support or disprove any specific hypothesis. The goal is to highlight what it means to be a

Who hacked the Democratic National Committee?

By Mark Arena, CEO of Intel 471. Who hacked the Democratic National Committee? I’ll preface this post by saying that I possess no information on this incident beyond what has been mentioned in open sources. This post is my personal opinion and is based on my experience researching and tracking both state and non-state cyber

Cyber Threat Intelligence: Observing the adversary

By Mark Arena, CEO of Intel 471. Following my previous blog post that compared the incident-centric and actor-centric approaches to cyber threat intelligence, this post will detail a number of ways we can potentially observe our adversary. I’ll preface this post by saying that prioritizing and identifying who the adversary is, their motivations, their intentions