Cyber Threat Intelligence for Improving Cyber Supply Chain Security

Abstract

Cyber supply chain (CSC) systems provide operational efficiency and business continuity due to the integrated nature of various network system nodes. Such integration has made the overall system vulnerable to various cyber attacks and malware propagation is one of the common attacks for CSC. Cyber threat intelligence (CTI) provides an organization the capability to identify, gather, analyze threats and the associated risks so that CSC organization can forecast the existing and future threat trends and manage the cybersecurity risk in a proactive manner. A threat actor may attack the system and propagate a malware. The purpose is to manipulate, alter, or change delivery mechanisms. It is imperative to integrate CTI into the existing cybersecurity practice to detect and understand the threat actor's intents and motive. In our previous paper, we used threat analysis gathering to provide us an understanding of the adversaries' capabilities, actions, and intents. This paper contributes to improving the cybersecurity of CSC by using CTI. In particular, we extend our previous work which identifies and analysis CSC attacks and adopts CTI approach to understand the attack trends so that appropriate control can determine proactively. We use the malware a smart grid case study as CSC context to demonstrate our approach. The result demonstrations how CTI approach is applied to assist in preventing cyberattacks and to disseminate threat information sharing.