The recent announcement by Russian authority Roskomnadzor regarding tighter restrictions on the use of Telegram will cause a shift in communication protocols among cyber threat-actors.
-
The recent announcement by Russian authority Roskomnadzor regarding tighter restrictions on the use of Telegram will cause a shift in communication protocols among cyber threat-actors. We may see an increased adoption of alternatives such as Tox and its variants, Wickr, and more widely used platforms like Signal.
We all need to be staying ahead of the evolving threat-actors; otherwise, we risk falling behind.
-
R relay@relay.infosec.exchange shared this topic
-
The recent announcement by Russian authority Roskomnadzor regarding tighter restrictions on the use of Telegram will cause a shift in communication protocols among cyber threat-actors. We may see an increased adoption of alternatives such as Tox and its variants, Wickr, and more widely used platforms like Signal.
We all need to be staying ahead of the evolving threat-actors; otherwise, we risk falling behind.
@Anthony_Kraudelt Hi anthony,
How would you define stay ahead here ?
-
@Anthony_Kraudelt Hi anthony,
How would you define stay ahead here ?
@eingfoan if you have a more mature cyber security environment the use of SEIM tools to detect specific protocols or executables associated with any un-authorized applications would be appropriate. In the case of blocking at the firewall, you could implement specific rules to prevent some of these applications from connecting to outside sources. Adopting a zero trust application execution environment permitting only allow listed programs can reduce the threat of future communication channels. Lastly, don't forget to think backwards. As we start to block and defend against new forms of encrypted communication also think about the old forms such as IRC and older blog platforms which can be used for command and control of compromised systems.
