Tim Pappa (Walmart)

The evolution of vulnerability markets and disclosure norms has increasingly conditioned vulnerability and vulnerability patching disclosures to audiences. A limited collection of studies in the past two decades has attempted to empirically examine the frequency and the nature of attacks or threat activity related to the type of vulnerability disclosure, generally finding that the frequency of attacks appeared to decrease after disclosure. This presentation proposes extraordinary disclosures of software removal to disrupt collection baselines, suggesting that disclosure of unnamed but topical enterprise software such as enterprise deception software could create a singular, unique period of collection to compare to baseline cyber threat activity. This disruptive collection event could provide cyber threat intelligence teams and SOCs greater visibility into the periodicity and behaviors of known and unknown threat actors targeting them. The extraordinary disclosure of the removal of enterprise software could suggest there are present vulnerabilities on networks, which could prompt increased cyber threat actor attention and focused threat activity, because there is uncertainty about the removal of the software and the replacement of software, depending on the perceived function and capability of that software. This presentation is exploratory, recognizing that there is perhaps anecdotal but generally limited understanding of how cyber threat actors would respond if an organization disclosed the removal of enterprise software to audiences. This presentation proposes an integrated conceptual interpretation of the foundational theoretical frameworks that explain why and how people respond behaviorally to risk and reward and anticipated regret, applied in a context of influencing threat actors with extraordinary disclosures of removal of enterprise software.

View More Papers

You Can Use But Cannot Recognize: Preserving Visual Privacy...

Qiushi Li (Tsinghua University), Yan Zhang (Tsinghua University), Ju Ren (Tsinghua University), Qi Li (Tsinghua University), Yaoxue Zhang (Tsinghua University)

Read More

WIP: Adversarial Retroreflective Patches: A Novel Stealthy Attack on...

Go Tsuruoka (Waseda University), Takami Sato, Qi Alfred Chen (University of California, Irvine), Kazuki Nomoto, Ryunosuke Kobayashi, Yuna Tanaka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN)

Read More

ReqsMiner: Automated Discovery of CDN Forwarding Request Inconsistencies and...

Linkai Zheng (Tsinghua University), Xiang Li (Tsinghua University), Chuhan Wang (Tsinghua University), Run Guo (Tsinghua University), Haixin Duan (Tsinghua University; Quancheng Laboratory), Jianjun Chen (Tsinghua University; Zhongguancun Laboratory), Chao Zhang (Tsinghua University; Zhongguancun Laboratory), Kaiwen Shen (Tsinghua University)

Read More