• Seeing is not always believing
    Seeing is not always believing
  • Cyber Intelligence Maturity
    Cyber Intelligence Maturity Cyber Intelligence Maturity Management Cyber Intelligence Common Body of Knowledge
  • Information Sharing through your own ISAC
    Information Sharing through your own ISAC
  • Maskirovka - Non-Linear Warfare
    Maskirovka - Non-Linear Warfare Cyber Maskirovka - Non-Linear Warfare
  • Middle Eastern Cyber Warfare Assessments - Analysis
    Middle Eastern Cyber Warfare Assessments - Analysis Middle Eastern Cyber Warfare Doctrine
  • Cyber Influence Operations
    Cyber Influence Operations Treadstone 71 Cyber Counterintelligence and Clandestine Cyber HUMINT
  • To win at non-linear warfare you must first understand what it is
    To win at non-linear warfare you must first understand what it is
  • Patterns, trends, information inside data, intelligence created to prevent
    Patterns, trends, information inside data, intelligence created to prevent
  • Analysis as a Service - Light the fire for targeted analysis
    Analysis as a Service - Light the fire for targeted analysis
  • High-Value Target - Know Your Customer Risk and Attack Surface Assessment
    High-Value Target - Know Your Customer Risk and Attack Surface Assessment

Deception, Distortion, Dishonesty: The Real Story Behind the Hype – RSA Conference 2018 – San Francisco

Dr. Khatuna Mshvidobadze

In the summer of 2008, Russia attacked Georgia in the first-ever combined kinetic and cyberwar. Sure, the 1990-1991 Gulf War was dubbed the first information war—the use  226571794ecbc84a4232f3e9a42a7041-480x270of information in war is not new. What was new in 2008 was that Russia employed its cyber arm as an independent operational capability alongside its land, sea and air forces. The targets were critical infrastructure. The strategic objectives were to sap Georgia’s will to resist and to provide cover for Russia’s information campaign to deceive the west into believing that somehow little Georgia was the aggressor.

Operational security was paramount—Moscow had to keep everyone confounded about who was behind the cyber attacks. Just like the kinetic invasion, the cyber attacks were long and well-planned, but Russia did a great job covering its tracks. When the shooting stopped, well-meaning researchers investigated what had happened. However, coming from a profession that focuses on computer screens and a culture unaccustomed to the  2018-04-11_9-18-09kind of deception that is part of everyday Russian life, they foundered.

The attacks led us to Russia. We noted uncanny timing. Western experts were indeed confounded when the trail led to kids and criminals. I have been following that trail ever since. Insight into Russia, all-source intelligence and a keen understanding of denial and deception were needed.

Today, saying that the Russian state employs a network of cybercriminals to do its online dirty work is commonplace. One might just as well pretend not to know the identity of those little green men who seized Crimea. But when I started saying it in 2010, you would not believe the resistance I encountered.

Soon after, I met Jeff Bardin, my professor at Utica College, who became mentor and friend. Jeff brings an extraordinary expertise in all-source intelligence and the ways of denial and deception. At this year’s RSA Conference, it is my privilege to combine with him in a talk entitled Deception, Distortion, Dishonesty: The Real Story Behind the Hype.

Jeff will lead off, analyzing the types of D&D, its various dimensions and some tactics that can be employed online and offline. The planners, he will say, must have clear reasons for utilizing D&D based on their goals. They must define the strategic, operational and tactical goals of deception and the criteria for success.

I will point out that Russians do not see cyber warfare as distinct but regard it as just one tool of information war. Look at 2008. The cyberattacks aimed at hampering the Georgian government’s ability to communicate while Moscow’s propaganda machine painted Russia as the aggrieved party. “Information space opens wide asymmetrical possibilities for reducing the fighting potential of an enemy,” writes Valery Vasilyevich Gerasimov, Chief of the Russian General Staff. It’s a remarkable statement, but nothing new—Russian thinking on information warfare has been consistent since the 1980s.

Now, the Kremlin commands a vast network of online intelligence agencies, scientific organizations, academic institutions, criminals, and trolls. We’ll discuss how Russia deals with enemies, foreign and domestic, cyber players and organization, the growing role of the military, tactics, techniques, procedures and tools, vectors, false flags, troll factories and more. Come join us on Wednesday at the RSA Conference.

KM

Search Our Site

Treadstone 71 - We See What Others Cannot

The Cyber Intelligence Training adds rapid returns to both Cyber Intel Analysts, and Security Ops Centers.  Each student receives quality instruction and hands-on experience with today’s OSINT tools and intelligence tradecraft.  This is necessary for anyone new to Cyber Intelligence and complimentary to any Security Operations within your enterprise. This 4.5-day class provides the student with the resources and fundamentals needed to establish cyber intelligence as a force as both a proactive offensive step and a counter intelligence-contributing arm of your larger team.  – Antonio 

Fortune 100 Company

line2

 

ONLINE - Cyber Intelligence Tradecraft Certification - Enroll now for April 28, 2018, start date. 8-week online course.

April 30 – May 3 Cyber Intelligence - Los Angeles California - Burbank
Jul 31-Aug 3 Cyber Intelligence Tradecraft Las Vegas - PRE-BLACKHAT
Aug 13-17 Cyber Intelligence- Reston, VA
Sep 17-21 - Cyber Intelligence- Boston, MA
Oct 15-19 Cyber Counter Intelligence - Reston, VA
Nov 5-9 Cyber Intelligence- Denver, CO
Dec 3-7 Cyber Counter Intelligence - Columbia, Maryland

T71new6

Intelligence Tradecraft - CounterIntelligence - Clandestine Cyber HUMINT  - Cyber Psyops - Persona Creation and Management - Cyber Influence Operations - Middle Eastern Cyber Warfare Tradecraft

Blended courses - Courses on demand - Courses developed per your needs, quietly and quickly

Students and organizations taught (non-inclusively):

AIB, American Express, Capital One, Commonwealth Bank, Bank of America, ING, NCSC NL, Defense Security Services, PNY, Dell Secureworks, HPE Security, EclecticIQ, Darkmatter (AE), General Electric, General Motors, PNC, Sony, Goldman Sachs, NASA, DoD, East West Bank, Naval Air Warfare Center, VISA, USBank, Wyndham Capital, Egyptian Government, DNB Norway, Euroclear, Malaysian Cyberjaya, People's United Bank, Baupost Group, Bank of North Carolina, Fidelity Investments, Citi, Citigroup, T. Rowe Price, Wells Fargo, Discover, Blackknight Financial Services, Intercontinental Exchange (ICE), Citizens Financial Group, Scottrade, MetLife, NY Life, Synchrony Financial, TD Ameritrade, National Reconnaissance Office, FBI, Stellar Solutions, Lockheed Martin, Harvard Pilgrim, State of Florida, Deloitte, Ernst and Young, Mitsubishi, Tower Research, Geller & Company, KeyBank, Fannie Mae, BB&T, Aviation ISAC, JP Morgan Chase, Barclays, Nomura International, ING, Finance CERT Norway, BBVA, Santander, Bank of America, Equifax, BNY Mellon, OCC, Verizon, Vantiv, Bridgewater Associates, Bank of Canada, Credit Suisse, HSBC, International Exchange, Vista Equity Partners, Aetna, Betaalvereniging Nederland, several members of FlashPoint, non-inclusively (as well as several other firms by proxy as they hire qualified intelligence professionals trained by Treadstone 71).

Terms of Use - Privacy Policy - Course EULA

T71new3

ON THE TREADSTONE 71 CYBER INTELLIGENCE TRADECRAFT TRAINING:

"Fantastic class that gets to the foundational aspects of traditional tradecraft. We studied hard examining recent attack campaigns. The analysis training prepared me for real-world efforts. Have to say this is one of the best classes I have ever taken having taken many from SANS.  SANS does not compare. They are more of a class mill today.  The Treadstone 71 course material is unique, focused, and timely."

“This is one of the best, if not the best, Cyber Threat Intelligence training course I've attended.”

T71new4

Ironically, said Bardin, it was Stuxnet that led Iran to enhance its offensive capability: ‘If Stuxnet had happened to the US or UK, it would have been seen as an act of war. In Iran, it made them invest heavily in offensive cyber operations.’

He revealed that 18 percent of Iranian university students are studying computer science – a cyber warfare talent pool.

Treadstone 71 Interview - Daily Mail on Industrial Control System Hacks

 

 

 

 

 

 

Treadstone 71 Cyber Intelligence Services

 

 

 

 

 

 

 

Treadstone 71 at Blackhat

 

 

 

 

 

  

 

Treadstone 71 New Services - Analysis as a Service

 

 

 

 

 

 

 

Cyber Jihad - 2008-2011 Compilation Part 1

 

 

 

 

 

 

 

Cyber CoiunterIntelligence Doctrine

 

 

 

 

 

 

 

Iran Cyber Proxies and Capabilities 

 

 

 

 

 

 

 

The Irari Report

 

 

 

 

 

 

 

Gaming as a Method of Jihadist Training

 

 

 

 

 

 

 

Treadstone 71 Keynote

 

 

 

 

 

 

 

Treadstone 71 Cyber Intel Services / Training

 

 

 

 

 

 

 

Stuxnet 

 

 

 

 

 

 

 

Treadstone 71 Secureworld Expo

 

 

 

 

 

 

Treadstone 71 Fox News

 

 

 

 

 

 

Treadstone 71 Hacktivity