Home NTT Ltd Podcasts Threat hunting, attribution and identifying what motives threat actors

Threat hunting, attribution and identifying what motives threat actors

August 14, 2019

Jaime Blasco is the AVP Product Development at Alien Labs, part of AT&T Cybersecurity. At Black Hat 2019, Jaime sat down with Enterprise Times to talk about threat intelligence. It’s a subject that is high on a lot of organisations agenda. The problem, is that many organisations don’t know what to do with it. They are overwhelmed by the intelligence they gather and when they try and DIY, they lack the tools. But when they go to many vendors, what they get are a series of alerts which often lack an actionable element.

Blasco talked about how we start to make sense. Alien Labs creates two types of threat intelligence. The first, that Blasco describes as Tactical Threat Intelligence. This has all the details that IT teams need to detect and spot threats. They can use this to block domains, IP addresses, spot C&C servers that attacks rely on.

Jaime Blasco, Head of Alien Labs, AT&T Cybersecurity

The second is Strategic Threat Intelligence. This does a deep analysis of the data and is focused on the threat actor. It looks to understand the motives, who is sponsoring or supporting them, what are they looking for when they get into the network.

To make sense of all the information coming in, AT&T has launched Open Threat Exchange. Blasco says that this allows other researchers to come in and look at the threat data. It provides them with tools to understand what is in the data and helps to improve identification of threats and, more importantly, reduces false positives.

Blasco‘ s group also spends a lot of time tracking and identifying threat actors. One of the key goals for any threat hunting team is to be able to anticipate what a threat actor will do. This allows them to predict behaviours, attacks and put in place mitigation strategies while waiting for the attack to develop.

To hear more of what Blasco had to say listen to the podcast.