What is a Cyber Threat?
A cyber threat is an attempt by malicious individuals or groups to gain unauthorized access to devices or a control network, or to disrupt the network or render it unusable.
Cyber threats can originate from various places, people, and organizations. Some examples:
Hackers
Lamers
Terrorists
Commercial competitors
Spies
Agents
Governments and intelligence agencies
Employees who intend to strike
Organized crime groups (gangs)
The actions that the above-mentioned threat sources take to do harm are called cyber threats. These threats give an idea of what kind of scenario attackers may follow when they attack their victims. Examples of the cyber threats in question:
Wiper attacks: Malware that erases everything on the system it infects in such a way that it cannot be restored.
Distributed Denial of Service (DDoS): Attacks that take a service out of operation (or slow it down).
Malvertising: Malware embedded in advertising.
Malware Spyware
Trojan: Also called a "Trojan horse"; malware that provides remote access to the computer.
Phishing: Phishing attacks.
Data breaches: Data leaks.
Worm: Software that acts as worms.
Keylogger: Malware that records keyboard operations.
Backdoor: To access the system again (quietly
The purpose of Cyber Threat Intelligence
The purpose of cyber threat intelligence is to show institutions and organizations the cyber threats against them, help the target make sense of the incident, and protect the target.
Cyber threat intelligence is also intended to identify the thinking, objectives, motivations, and methods of attackers by analyzing the data collected.
>>Cyber threat intelligence is divided into 3 groups according to its level.<<
1 - Strategic Intelligence => This is the kind of intelligence that is meant to recognize the enemy. It is created as a result of monitoring institutions, organizations, individuals, or groups with the potential to cause damage. It contains information about the attackers' intentions, motivations, tactics and strategies, past actions and possible attacks.
2 - Operational Intelligence => This type of intelligence covers the techniques, tactics and procedures of the attackers. This information is provided to the teams delivering the SOC (Security Operations Center) service, who can analyze it and use it as a precaution against potential attacks.
>>What is a SOC (Security Operations Center)?<<
It is a central unit that deals with security issues at the corporate and technical level. It includes three building blocks to manage and improve the security of an organization: People, process and technology. The security operations center acts as a framework that connects these building blocks.