Treadstone 71 Expands Groundbreaking Cyber Intelligence Services
Published: Tuesday, 03 December 2013 05:18
HALF MOON BAY, Calif., Dec. 3, 2013 (SEND2PRESS NEWSWIRE) - Treadstone 71 announced today the expansion of its pioneering cyber intelligence services used to methodically and systematically collect, organize and analyze data. Treadstone 71 integrates, evaluates, and interprets information from all data sources delivering a range of opportunities and recommendations key to decision making. The new services assist analysts to comprehend complicated and uncertain situations leading to comprehensive situational awareness while teaching analysts to be their own collectors.
Read more ...
Brief on Russian Hacking Activities
Published: Tuesday, 27 December 2016 15:31
The Russian hacking efforts against the West is well designed and planned. The Russian concept of maskirovka has expanded from traditional military aspects of denial and deception to information warfare and cyber psychological operations. Imagine you have hacked a target not knowing exactly what you will find. The plan is to extract information from the initial target, examine the information, recalibrate, replan, while setting new actions of disinformation in play. We believe that the data inside the DNC emails has not yet been fully exploited. It would behoove the DNC and other US officials to examine every syllable of every word to determine what was exposed, determine what the Russians may do with this data, and plan to proactively counter the deception that will come from the Russians. The hacking was but one facet of a larger plan by Putin and his inner circle to disrupt, deceive, influence, and exploit weaknesses in the US including political and social beliefs and movements. EU countries are also targeted especially those with upcoming elections. Their actions have been very effective. Treadstone 71 Training 2017
There is a collective lack of institutional memory among target audiences, namely the West – a significant proportion of which had not even been born when Soviet subversion was a concern – therefore, they don’t have the level of knowledge and subsequent paranoia of baby boomers who used to hide under their classroom desktops in atomic bomb drills. Russia has invested hugely in enabling factors to adapt the principles of subversion to the internet age. These new Russian investments cover internally and externally focused media with a substantial online presence, of which RT and Sputnik are the best-known but only two examples; Use of social media and online forums as a force multiplier to ensure Russian narratives achieve broad reach and penetration; and language skills, to engage with target audiences on a broad front in their language.
Read more ...
The 12 Days of Cyber Christmas
Published: Wednesday, 21 December 2016 20:33
or What I want for Cyber Security and Intelligence Christmas 2016
- All CIOs must have served as a CISO for at least 4 years before being allowed to be a CIO.
- All CIOs must have a CISSP, CISM, and at least 2 technical information security certifications and have been thoroughly trained and qualified to be a CIO. No more cronyism.
- CISOs will never report to the CIO – conflict of interest and a recipe for … what we have now.
- If you are the administrator for a device, you secure that device (servers, routers, appliances, etc.). You are responsible and accountable – Secure what you own. Secure what you manage.
- CIOs and their leadership will be held liable for deploying vulnerable systems.
- All new products (IoT and beyond) must be certified secure before public release. No more figure it out as we go and bolt it on after we have consumers hooked.
- All root access / administrative rights for production, critical, supporting, etc., systems and devices are removed and granted only for approved changes and incidents.
- All written code and script must be written properly. There is no such thing as secure code, only code the works correctly and does not create vulnerabilities.
- All operating systems will be shipped closed and installed closed with a risk rating system for each port, protocol, and/or service. Each modification reduces the security posture of the operating system providing a risk score while automatically offering advice on how to remediate that score with other controls.
- New regulations to enforce security and privacy, demanding disclosure of breaches, fining companies and individuals for negligence are put in place, at once.
- Vendors posting adversary IoCs, TTPs, and other methods that would normally be seen as ‘telling the enemy what we know, i.e., sedition’ will be fined for such activity.
- You will tell yourselves over and over again that contracting with Treadstone 71 to build your cyber intelligence strategy and program is the absolute right thing to do (repeat after me …).
Merry Cyber Christmas from Treadstone 71