Most cybersecurity work is geared towards finding ways to prevent intrusions – passwords, two-factor authentication, firewalls, to name a few – and to identify the “chinks in the armor” that need to be sealed. The characteristics of malware are shared publicly, to give everyone from system administrators through users a heads up to guard against an attack.
Little has been done, however, to identify the characteristics of an adversary after they are already inside a network, where they have ways to hide their presence.
Leave a reply
