“Victorious warriors win first and then go to war; defeated warriors go to war first and then seek to win.”
― Sun Tzu, The Art of War
Over the past several years, the cybercrime marketplace has gone through a significant maturation process, achieving parity of sophistication with many of the world’s legitimate markets. Traditional business differentiators such as customer service have migrated to the underground—if the stolen credit card you just bought has been cancelled, you’ll get a refund. Business concepts such as innovate-to-stay-ahead are commonplace amongst cybercrime-as-a-service vendors. This activity, in turn, has generated a lot of noise when it comes to threat intelligence; noise that is making it more difficult for us to distinguish the real threat signal. What is the risk of a single phishing or malware attack? What threat does a conversation between a couple fraudsters about cash out methods pose to your organization? There is just too much noise.