Abstract
Cyber intelligence (CYBINT) has recently evolved as a discipline whose major tasks relate to cyber intelligence collection, analysis, and dissemination. CYBINT can be related to several categories of INT (e.g., HUMINT, SIGINT, and OSINT). However, in comparison with those, CYBINT deals with a very broad and elusive intelligence spectrum that can require daily changes in terms of intelligence collection, analysis, and dissemination. Additionally, CYBINT can easily cross national borders, bypassing all kinds of security controls. For example, a worm that is created somewhere in the world can spread within hours, minutes, or even seconds to thousands of computers all over the world. One more distinction is that with the five main collection disciplines mentioned earlier, key players are typically countries, government agencies, or some medium- to large-size companies. In CYBINT, on the other hand, a key player can be just an individual (e.g., a professional hacker) who is making a large impact across the world.
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Alsmadi, I. (2019). Cyber Intelligence Analysis. In: The NICE Cyber Security Framework. Springer, Cham. https://doi.org/10.1007/978-3-030-02360-7_6
DOI: https://doi.org/10.1007/978-3-030-02360-7_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02359-1
Online ISBN: 978-3-030-02360-7
eBook Packages: Engineering, Engineering (R0)