Over the last few weeks I've been working with the team at the WEF Atlas project on developing a formal and comprehensive ontology for cybercrime - a way to organize and standardise what we know about the kind of criminal and enabling actors that collaborate to create harms like Romance Baiting and Cyber Extortion.
I think it's important work, and it's turning out to be much more difficult than one would anticipate.
It also makes me appreciate the work we've already done - and shared openly - in our "Cybercrime Now" site.
We believe that there is a requirement to provide a considered and complete picture of how the cybercrime ecosystem fits together - to inform strategy, intervention, education and further research.
Cybercrime Now is still a work in progress, but I think it's the best resource out there today. It's fun, it's free, and it's full of useful information.
Check it out!
@riskybusiness @tomatospy In light of your latest newsletter article "The PLA's Cyber Operations Go Dark", thought you might find this interesting:
https://research.cert.orangecyberdefense.com/hidden-network/report.html
Anyone watching our research outputs over the last while, you'll note that we've been thinking a lot about taxonomies or network diagrams.
Take a look at our Cybercrime Now ecosystem graph for example -
https://research.orangecyberdefense.com/now/ -
or explore our interactive report on how China unites state, corporate, and academic assets for cyber offensive campaigns -
https://research.cert.orangecyberdefense.com/hidden-network/map.html
We hope that both these outputs will educate and benefit you in your own work, but they also represent a milestone in our ongoing effort to understand and communicate the environments in which our adversaries, whether state-backed or criminal, operate.
With this in mind, I'm very interested to hear about any other research or outputs that have succeeded in creating or discussing useful taxonomies, ontologies or network graphs of crime or cybercrime ecosystems.
From conversations with the WEF ATLAS team, it's become apparent that we don't have the full view of relevant taxonomies or ontologies that might already be defined for this purpose, or indeed already be "out there" somewhere.
So... if you've seen other work like this somewhere else, or you know of standards for these kinds of taxonomies, or research on how they should be approached, we'd love to hear about it!
6 months ago, @mar_pich and our CERT team started working on a way to better map the #ransomware ecosystem and its evolution, including rebrands.
We are really happy to share this handmade cartography, which is based on @orangecyberdef resources, #OSINT and reverse engineering.
Get the chart on GitHub: https://github.com/cert-orangecyberdefense/ransomware_map/blob/main/OCD_WorldWatch_Ransomware-ecosystem-map.pdf
Or our full report here: https://www.orangecyberdefense.com/be/white-papers/cy-xplorer-2023
Wicus Ross shared this link with me, which talks about how security debt accumulates in networks: https://devops.com/software-supply-chain-security-debt-is-increasing-heres-how-to-pay-if-off/
It reminded me of a talk I did on the subject at #44con in 2018, which examines the same dynamic. I love this talk - really think it's worth your while if you have some time to kill...