UK Names And Shames Russia For Georgia Cyber-Attacks
Most digital forensic data available to analysis experts in the aftermath of cyber-attacks are in the form of IP addresses, email addresses, domain names, hashes, etc. which are analysed to answer the what, how, who and why questions. Much of this currently involves educated guesswork which includes examining samples such as malware or custom tools found in the affected cyber-infrastructure, or identifying language and content patterns found in phishing emails, determining locations of servers and so on to answer the what and how questions. This then needs to be viewed in combination with other evidence typically obtained from signals intelligence, human intelligence, etc. to form a clearer picture of the who and why questions.
UK Names and Shames Russia for Georgia Cyber-Attacks