CTI Intro & Benefit - Dinis
DINIS FUSYA’BAN
JUNIOR CRYPTOGRAPHY OFFICER (SANDIMAN MUDA)
DIRECTORATE OF CYBER SECURITY AND CRYPTOGRAPHY
CYBER THREAT TRENDS & CYBER INCIDENT TIMELINE
Technological, Cultural, Economic, and Geopolitical Shifts*
• Cross-platform malware, DDoS, Loss of Situational Awareness
• Security incidents will rise
• Economy is stimulated by mobile devices (mobile banking, mobile medicine, farming, agriculture)
• Social protest, reach voters, influence public policy.
• Economic espionage; cyber offensive capability is an element of geopolitical superiority and command; cyber operations are very attractive to actors
• Corruption, mobile technology, and transnational organized crime.
* Cyber Threat! How to Manage the Growing Risk of Cyber Attacks, MacDonnell Ulsch
Incident timeline
• May 2020, Tokopedia: 91 user data & 7 million merchants (EmpireMarket)
• May 2020, Bhinneka.com: 1.2 million user data (Darkweb)
• May 2020, KPU: 2.3 million 2014 election voter data (RaidForums)
• June 2020, Bukalapak: 13 million user data (RaidForums)
• June 2020, Covid-19 data: 230 thousand patient data (RaidForums)
• August 2020, Kreditplus: 819K customer data (RaidForums)
• November 2020, Cermati.com: 2.9 million user data (darkweb)
• May 2021, Colonial Pipeline: ransomware attack, ransom of 75 bitcoin (Rp 71 billion)
• May 2021, HSE Ireland: ransomware attack, hospitals & health facilities disrupted
• May 2021, BPJS: (Investigation) 100K data out of 279 million data (RaidForums)
Source: BSSN Honeynet Report 2021, https://bssn.go.id/honeynet/
Future Cyber Threat
Sliding Scale Cyber Security
Early Warning Detection System
Security Control Based on Incident
Continuous Monitoring & Detection
Collaboration & Sharing Scheme
Campaign Playbook
• TTP
• Indicators
• Security Control
Impact
1. Financial Loss
2. Reputational Damage
3. Operational Downtime
4. Legal Action
5. Loss of Sensitive Data
Cyber Threat Intelligence (CTI)
“Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and action-oriented advice about an existing or emerging menace or hazard to assets. This intelligence can be used to inform decisions regarding the subject’s response to that menace or hazard.”
-Gartner-
“Analyzed information about the hostile intent, capability, and opportunity of an adversary that satisfies a requirement.”
-SANS-
[Figure: threat intelligence lifecycle (Direction, Collection, Processing, Analysis, Dissemination). Source: recordedfuture]
Intrusion Analysis
Pyramid of Pain (David Bianco)
Cyber Kill Chain (Lockheed Martin)
Mapping the Adversary
MITRE ATT&CK® Framework
CTI Process BSSN
Role of The Community
FAST INFORMATION DISSEMINATION
REDUCE RESOURCE
[Figure: intelligence lifecycle (Direction, Collection, Dissemination). Source: recordedfuture]
GOAL
COLLABORATIVE ANALYSIS
RELIABLE INTEROPERABILITY
Key Takeaways
Benefits