Kicking Off…


I was never motivated to work on a personal blog. It always felt like mental overhead I didn’t have a lot of time for. However, with time, I’ve come to realize that I couldn’t even find some of the work I’d previously published through the corporate blogs of previous employers. More importantly, I found that corporate politics and misaligned priorities disincentivized the publication of research findings I found interesting. Rather than big research pieces and unnecessarily verbose papers, I hope to occasionally drop tidbits of what my mentor and friend Costin Raiu calls ‘Cyber Paleontology’ – the study of older APT operations.

Researchers often forego looking at older operations. Perhaps they assume that the results of these investigations will be of little relevance to their customers or present-day defenders. However, in my experience, these operations are seldom confined to specific temporal windows. The threat actors involved seldom go away. No investigation is ever complete. Nor are our findings ever truly conclusive.

Beyond the promise of immediate utility, threat intelligence research must be treated as a worthwhile endeavor in and of itself. It’s the history of humankind’s incursion into the Fifth domain, a medium for international relations, diplomacy, subversion, crime, and influence to play out beyond the obvious and immediate.

I hope others will find them interesting as well.

–J. A.
