Political Science, asked by damchosjigme, 9 months ago

How can a problem qualify as a threat?

Answers

Answered by mdsabiruddin40
5

Explanation:

I hope it's helpful to you

Answered by atharvrakshiye1906
2

Explanation:

Malwareless attacks have been gaining ground in the global cybersecurity landscape for months, and their continued advance is one of PandaLabs’ leading predictions for 2019.

In these kinds of operations, the attacker assumes the identity of the administrator, after gaining their network credentials one way or another, and, to all intents and purposes, seems to be the network administrator going about their job.

As no malware of any kind is used, security systems must be able to recognize this type of attack by spotting anomalous behavior of users on the corporate network. Technologies capable of doing these tasks are an integral part of the concept of Threat Hunting.

Fewer malware infections and an increase in live hacking.

In 2016, there were 40% fewer infections than in 2015, and in 2017, the reduction was even more significant, at 70%. In 2018, reported infections due to malware trend to zero. As such, the problem of malware is fading away, while the new problem is the professionalization of cybercriminals.

There are tens of thousands of hackers in the world, trained by governments, security companies, and criminal organizations. They carry out targeted attacks with proprietary malware, and even make use of legitimate applications and goodware in order to stay hidden. All of this requires an equivalent response to keep networks safe.

After explaining why Threat Hunting is necessary, and taking a look at what the process of proactively looking for threats is like, here we’re going to analyze what challenges are involved in carrying out this activity, and its inherent advantages for our companies.

The challenges of Threat Hunting

The main challenge that stops IT teams from carrying out Threat Hunting is time. Unfortunately, IT teams are very often limited in size, and one person is likely to be the IT administrator, technician, and CISO all rolled into one. All of which means that you probably do not have the time you need to carry out these tasks.

Time is needed to search for threats, to gather data, and to create valid hypotheses. What’s more, it’s also needed in order to investigate indicators of attack—IOAs and IOCs—and attack patterns. As such, time is key.

Threat Hunting platforms ought to be capable, among other things, of monitoring the behavior of computers, the applications running on them and, in particular, their users. Technically speaking, the Threat Hunting process is based on an immense pool of data regarding all the behavior of the monitored components and updated in real time as new events occur.

The platform used must be able to explore this vast store of information in order to develop new attack hypotheses. At that point, machine learning systems will prioritize potential incidents which, once triggered, need to be analyzed in detail using remote forensic analysis tools integrated in the platform.

And these requirements are yet another challenge, bearing in mind the fact that the human factor is key to complementing the automatization process: hiring qualified experts can be another difficult and costly process, and building or operating the necessary tools yet another considerable expense, one that many IT departments cannot afford.
