Understanding the Modus Operandi of Advanced Persistent Threats: A comparison of the Modus Operandi of Advanced Persistent Threats and their Impact
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Digital Services and Systems.
2020 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 80 credits / 120 HE credits. Student thesis.
Abstract [en]

Since Advanced Persistent Threats (APTs) are the most sophisticated form of cyber weapon to date, previous research has indicated that further knowledge about the actors and their Modus Operandi (MO) is needed, as the groups are highly organized, skilled and motivated when engaging in cyberoperations with different aims. This thesis poses the research question: how does the desired impact of an APT affect its MO? To answer the research question, a cross-case study is performed using a qualitative case study design. The method of structured focused comparison is employed, where the cases of the Russian-attributed APT the Sandworm Team and the North Korean-linked APT the Lazarus Group, which have engaged in numerous cyberoperations with multiple impacts, are compared against the Russian-attributed APT Turla and the North Korean-attributed APT Kimsuky, which have performed numerous cyberoperations with a single impact. The findings, using the MITRE ATT&CK framework, show that there are similarities across the cases in terms of the techniques used but differences in terms of the malware used. The findings therefore indicate that the malware may be the key determinant of the impact of a cyberoperation by an APT.

Place, publisher, year, edition, pages
2020, p. 61
Keywords [en]
APTs, MITRE ATT&CK, case study, TTPs
National Category
Other Computer and Information Science
Identifiers
URN: urn:nbn:se:ltu:diva-79222
OAI: oai:DiVA.org:ltu-79222
DiVA, id: diva2:1436213
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Supervisors
Examiners
Available from: 2020-06-30. Created: 2020-06-07. Last updated: 2020-06-30. Bibliographically approved.

Open Access in DiVA

No full text in DiVA

By author/editor
Bergsten, Daniela