Ensuring the security and privacy of the information of individuals and organizations in the era of digital information technologies is a complex issue. In recent years, the number and variety of cyberattacks and malware patterns have grown significantly, making it extremely difficult for cybersecurity analysts and IT professionals to detect cyberattacks and build a defense strategy. To solve this problem, researchers have presented the concept of Cyber Threat Intelligence (CTI), which refers to a set of information that is collected, evaluated and applied concerning security threats, threat actors, malware, vulnerabilities, etc.
This was the subject of the report “Strategic, tactical management of cyber threats at the regional, national, corporate and organizational level based on artificial intelligence technologies and the study of practical analysis”, co-authored by the head of the AzScienceNet Network Management Center, PhD in technical sciences Babak Nabiyev, and senior researcher Konul Dashdemirova, and presented at the scientific seminar of the Institute of Information Technology dedicated to International Information Security Day.
Speaking on the topic, Babak Nabiyev said that CTI is the collection and intellectual analysis of data to understand the motives, targets and attack behaviors of threat actors. When large amounts of data are collected or generated by various security monitoring applications, big data intelligent analysis methods are required to extract knowledge, interpret and draw conclusions from the collected data. Intelligent analysis of cyber threats plays a critical role in ensuring cyber resilience, enabling security professionals to make faster, more complete and data-driven decisions.
According to him, cybercriminals use methods such as sending malware to the victim's e-mail address, encrypting data and access, unauthorized access, and taking control of the system in order to attack the potential victim of their choice and steal the victim's personal information. Although different cyberattacks have different methods, their goal is essentially the same: to perform malicious activities on a computer or network. In order to solve these problems, it is very important to detect the attack vector and indicator.
Babak Nabiyev also gave detailed information about the stages of CTI, its strategic, tactical, technical and practical levels, and the most used CTI tools in 2022.