COMMENTARY: The IC’s Cyber Threat Framework

Ivin Randolph February 12, 2019
Connect--But, be very careful

Was it really worth it?

The Intelligence Community (IC) recently released its Cyber Threat Framework (CTF). They have been working on this since 2012–really, all THIS took 7 years. Does anyone even care that it was designed to characterize and create an ontology (common terms) to tell us how the bad-guys attack systems or networks?

No one can argue about a need for a common lexicon to describe cyber threat attacks, but hasn’t, for example, the EC Council (giving us Certified Ethical Hacker (CEH) certification) already accomplished that? Why not just extend that from the existing Department of Defense (DOD) 8140 (formerly 8570) compliance requirements? The CTF appears far less than complete than the CEH’s model of the threat’s attack pathway Point of View:

Here are those major headings:

  1. Reconnaissance–Can include social engineering, “dumpster diving,” etc.
  2. Scanning and enumeration–Includes scans of open ports and using them for identifying multiple vectors of attack.
  3. Gaining access–The threat has gained a foothold into the system and/or network.
  4. Escalation of privilege–This is very important where weak password protection and not  changing the factory set password of “PASSWORD.”
  5. Maintaining access–Leaving malware and keystroke capture software behind to help expand future intrusions. 
  6. Covering tracks and emplacing backdoors–Wiping logs and creating backdoors to the system to include the  current challenge of Ransomware.
HHS’s Blockchain Initiative & Its Security Pitfall


While we should certainly applaud the multi-billion IC and the Office of the Director of National Intelligence (ODNI) should we have not expected far more?

What would have provided greater value (and taken less than 7 years!!)?

A more valuable “CTF” that companies and agencies could employ would include a better categorization of how to DETECT, ISOLATE, and DEFEAT threats. This would have had greater value to the cybersecurity community at-large.

Here is a current ODNI slide deck on the CTF

Blockchain Council
Tags: , ,

More Stories

CYBER DECEPTION: Impact to Cybersecurity and the Application of Machine Learning Tools

Donna Columbus January 15, 2023

How the DOD Can be Successful against the Major Cyber Threat Actors?

Dr. Mark Russo January 5, 2023

2023: Why Cybersecurity Matters to Businesses

admin December 30, 2022

The Best Metrics to use in Protecting your Computer infrastructure and the Types of Threats Facing Businesses

Dr. Mark Russo December 30, 2022
art artistic blank book bindings

CRITIQUE: The Problems with the Scientific-based Risk Metrics Methodology

Dr. Mark Russo August 16, 2020

February 2020: CMMC Latest FAQs

admin February 13, 2020

You may have missed

Cyber Threat Hunting (CTH) in an Age of Escalating Cyber Threats

Dr. Mark Russo July 4, 2023

Should You Hire a Virtual CISO?

admin February 1, 2023

TOP 5: The Main Implications of ML to Help Deter Cyber-threats

Dr. Mark Russo January 27, 2023

CYBER DECEPTION: Impact to Cybersecurity and the Application of Machine Learning Tools

Donna Columbus January 15, 2023
%d bloggers like this: