Alexander Schraut | American Public University System (APUS)

Papers by Alexander Schraut

An Assessment of Advanced Persistent Threat Attribution Resources and Analysis: Is Attribution Necessary for a Robust CTI Program?

Cyber Threat Intelligence (CTI) programs provide critical analysis and support to cyber threat detection and mitigation. These programs can also support the process of attributing Advanced Persistent Threat (APT) attacks to specific people, organizations, or governments. While many CTI vendors provide attribution reporting and analysis, there is no substantive analysis of whether security organizations other than CTI vendors, law enforcement (LE), or the intelligence community should perform this type of analysis. By examining a sample of publicly available APT attribution reports for the time professional groups require to complete the analysis, team size, and the average CTI analyst salary, this study estimates the average cost and time required per attribution. Private security organizations can use this metric in combination with an understanding of the benefits and pitfalls of attribution to determine if the organization should establish an internal attribution program. Cybersecurity leaders can use this information to determine if an attribution program fits within their resources and risk tolerance.
Keywords: Cyber Threat Intelligence, CTI, Advanced Persistent Threat, APT, Cybersecurity

Are we in a cyberwar?

United States v. Nosal Case Brief

End User Security Issues

Tor: A Place of Freedom or a Criminal’s Paradise

The Internet as a Recruiting Tool for Hate

Why are first responders not required to use secure, encrypted communications?

The threat of criminals, terrorists, extremists, or other groups bent on disruption of the United States (US) government and its citizenry is increasing daily. First responders represent the front line of the domestic response to destructive acts committed by these groups as well as natural disasters. The ability of first responders to communicate securely without threat of eavesdropping is critical to their ability to plan and respond to these types of incidents. The current lack of a national policy on establishing some type of standard for first responder communications leaves a gaping hole in the US’ homeland security structure. The status quo of no national policy cannot continue if the US wants to ensure continued safety of responders. Also, the creation of a federally mandated program would likely meet with resistance from political leaders as well as agency heads due to further perceived federal overstepping of its authority. The most logical policy choice is to select a secure communication standard and recommend and incentivize its adoption throughout the nation and federal government. This allows agencies at the federal, state, and local levels to have equal access to interoperable equipment, ensuring their ability to communicate securely and effectively.

Computer Crime and the Computer Security Act of 1987

In the early to mid-1980s, the world was changing. Computers had gone from things that took rooms in academic research and government facilities to these small boxes that could sit on your desk. The power of this technology was just coming to light as people began to use it in their everyday lives. Office workers went from using typewriters to word processing programs on computers. Information started to be stored in computer databases instead of large physical file rooms. Kids with a passion for this new technology found new ways to connect and access systems connected to phone lines and networks. The need for some type of security policy was first realized during this time period as the threat of loss or breach of data became a reality. The first federal statute governing fraudulent computer access was not enacted until 1984, and it only applied to federal computer systems and systems owned by large financial institutions. This significant gap between legislation and reality caused many issues. Federal agencies were not securing their computer systems in a standardized and meaningful way while the bad guys were becoming more and more adept at entering computer systems without authorized access. The Computer Security Act of 1987 was one of the first meaningful legislative acts that attempted to fill the gap between current federal computer security practices and the reality of the modern world.

The Computer Security Act of 1987 was a groundbreaking step by the federal government in recognizing the importance of computer security standards and plans, and it provided the basis for the future of the entire federal cybersecurity apparatus. This paper will discuss the history, components, application, and ultimate replacement of the Computer Security Act of 1987. This Act was the first of its kind and attempted to provide the groundwork for federal computer security and training as well as set the minimum standards for agencies’ computer system security. The following discussion will attempt to illuminate this groundbreaking but little-known legislation as it sought to close a known gap in federal policy. It will also discuss how it took more than a decade of undermining by the Executive Branch and numerous reports and testimony to Congress to demonstrate the need for an updated statute. Finally, knowing the flaws and failures of this Act, this paper will conclude with a brief discussion of the Act’s ultimate replacement, the Federal Information Security Management Act of 2002.

Let's Reimagine the Intelligence Community

Intelligence Information Sharing: A Persistent Issue

National Security: Successes and Failures of Policy in the 21st Century

The Decision to Go to War: Does Intelligence have a place in the decision?

The Gay Liberation Front: A Group Terror Plan

This paper is written from a Red Team perspective creating a fictional terrorist group (The Gay Liberation Front) from the ground up. It covers the ideology, public affairs, financing, recruitment, training, operations, internal security, communications, and the development of a proposed fictional terrorist operation. It must be stressed that the entirety of this project is written as a thought experiment to design the "perfect" terrorist group in order to better understand how actual groups operate. Through this understanding, we can better interdict these groups and increase overall global security.
