Episode #
25
ASK Integrity Solutions's Assaf Kipnis on Standing Up to Adversaries with Better Threat Intelligence
Show Notes
In this week's episode of the Future of Cyber Risk podcast, David speaks to Assaf Kipnis, Owner and Head Consultant/Advisor at ASK Integrity Solutions, which conducts adversarial network analysis, risk assessment, and counter-threat intel. They discuss the day-to-day activities of threat intelligence and hunting down adversaries, what adversary accounts typically look like on social media, and how digging deeper into those accounts can reveal connections leading to large-scale takedowns. They also discuss common scams prevalent today, how everyday people can keep themselves safe online, and what organizations can do to improve their threat intelligence.
Topics discussed:
The day-to-day efforts and expectations around threat hunting, and why once you find an adversary you should monitor them to learn from them.
How to dig deeper into adversary accounts to connect the dots and take down networks at scale.
What fake accounts typically look like on social media sites, and the scams they're typically perpetuating.
The types of scams big organizations are performing, including one called "pig butchering," and why it's not just a certain segment of the population that falls for these.
What everyday people can look out for to keep themselves safe online, including not taking financial advice from someone they don't know.
Advice for organizations on how to perform better threat intelligence, including why you should reassess your metrics and goals.
Quotes from Episode
#1.)
"You can't really connect these accounts together unless you dig deeper into how these accounts were created, where did they come from, were they bought, or were they created at scale by either a bot farm or an account creating farm or the adversary created them. And once you dig into that, you can start connecting accounts to each other by all types of heuristics and really understand the network and differentiate between less sophisticated actors, which will not be in a network and will not have a linchpin that organizes them, or multiple, and the more sophisticated networks that will have those characteristics." (6:53-7:37)
#2.)
"Think like the adversary. Get out of the defender silo. Understand how your adversary thinks. What are they looking for, what are they after? Their why and their how. ... Not a lot of people end up thinking like the adversary, end up thinking about how the adversary is circumventing you at multiple levels." (36:36)