Inside the Report

With the entry of influencers (Figure 3 in the report), the campaign enter

ed the next operations stage. The content and tweets were distributed and republished by those influential IRGC Cyber Units. The narrative between these users reveals their role in promoting the campaign and the purpose of the personas.

Thousands of bots and fake accounts with low followership belonging to Basij Cyber Units widely republished and retweeted tweets published by influencers and retweeted and promoted the posts by other accounts that had used the given hashtag.

This campaign was continued for 60.6 hours by the IRGC Intelligence Cyber Units using thousands of low paid Basij accounts resembling a Dunbar's Number concentric circles of trust throughout the country (Figure 4 in the report).

Our training examines Sherman Kent's Analytic Doctrine from the cyber perspective as well as the availability and use of OSINT tools. Students are able to understand the cyber intelligence lifecycle, the role and value of cyber intelligence relative to online targeting and collection, in modern organizations, businesses, and governments at the completion of this course and, use of our advisory services.

Middle Eastern Cyber Domain – Iran/Syria/Israel

An academic review of these nation-states and their work to achieve cyber operations dominance.

Iranian Link Analysis of various cyber threat actors. Download the eye opening report here.

What you receive from Treadstone 71 is detailed information and intelligence on your adversary that far surpasses the technical realm. Where Treadstone 71 service excels is in the ability to provide you with techniques, methods, capabilities, functions, strategies, and programs to not only build a fully functional intelligence capability, but a sustainable program directly aligned with stakeholder requirements.

Intelligence Games in the Power Grid – Russian Cyber and Kinetic Actions Causing Risk

Unusual purchasing patterns from a Russian firm selling PLCs from a Taiwanese company with massive holes in its product software download site. What could go wrong?

This intelligence brief explains the intricacies as well as cans and cannots with repect to the capabilities of cyber intelligence.

Statement of Cyber Counterintelligence The 10 Commandments for Cyber CounterIntel

Thou shall and thou shalt not. Own the cyber street while building creds. Follow these rules and maybe you will survive the onslaught.

Much has been written about Mr.Tekide and his crypters used by APT34 (OilRig) and others. Other

organizations have documented information about Mr.Tekide's tools in 'celebrated' cyber attacks against Fortune 500 institutions, governments, educational organizations, and critical infrastructure entities.

Identification

However, identifying Mr.Tekide, his background, locations, and his own words has never been openly accomplished. Many believe that following an individual does not pay dividends. Treadstone 71 demonstrates the alignment of Mr.Tekide to the Iranian government through years of support using crypters such as the iloveyoucrypter, qazacrypter, and njRAT.

Understanding your stakeholders and what they need to help make decisions is more than half the battle. This brief covers the old adage “Know your professor, get an A."

Fallacies in Threat Intelligence Lead to Fault Lines in Organizational Security Postures

This brief covers some general taxonomy along with a review of common mistakes concerning cyber and threat intelligence and how possible to not fall into these traps while knowing how to dig out if you do.

Request for Information (RFI) – Cyber Threat Intelligence

The RFI process includes any specific time-sensitive ad hoc requirement for intelligence information or products to support an ongoing event or incident not necessarily related to standing requirements or scheduled intelligence production. When the Cyber Threat Intelligence Center (CTIC) submits an RFI to internal groups, there is a series of standard requirements for the context and quality of the data requested.

Syrian violations of sanctions with Russian FSB assistance to manufacture ballistic vests – Not discovered by any organization other than Treadstone 71 - No sensors, no aggregation of thousands of taps – Just hard-nosed open-source collection and analysis, and an interesting read of false identities, dispersed purchasing, and deceit.