Intelligence Driven Threat Actor Analysis: BlackBasta and Affiliates

Intelligence Driven Threat Actor Analysis: BlackBasta and Affiliates

연구 분야: Safety

학회: 2024 Cyber Research Conference - Ireland (Cyber-RCI)

This work-in-progress research paper details the financially motivated threat actor, BlackBasta, and includes an analysis of what Cyber Threat Intelligence can inform security professionals. The data analysis reveals that Cyber Threat Intelligence must be delivered responsively, utilize automation, and be enforced effectively. After all, BlackBasta demonstrates high operational maturity, deploying social engineering and double extortion tactics, so a mature cybersecurity approach is required to prevent BlackBasta and affiliates. The recommendations outlined include the value of utilizing multiple Cyber Threat Intelligence providers to comprehensively analyze cyber threats and produce actionable policies to alert and thwart threat actors like BlackBasta. The paper further highlights the value of organizations ensuring they deploy human-led Cyber Threat Intelligence analysis and interpretation to advance upward in the Pyramid of Pain. By leveraging multiple Cyber Threat Intelligence sources in the preliminary analysis presented here, this work-in-progress paper is unique, offering valuable insight into BlackBasta and affiliates not yet seen in the existing literature.