Tim Pappa (Walmart)

The evolution of vulnerability markets and disclosure norms has increasingly conditioned vulnerability and vulnerability patching disclosures to audiences. A limited collection of studies in the past two decades has attempted to empirically examine the frequency and the nature of attacks or threat activity related to the type of vulnerability disclosure, generally finding that the frequency of attacks appeared to decrease after disclosure. This presentation proposes extraordinary disclosures of software removal to disrupt collection baselines, suggesting that disclosure of unnamed but topical enterprise software such as enterprise deception software could create a singular, unique period of collection to compare to baseline cyber threat activity. This disruptive collection event could provide cyber threat intelligence teams and SOCs greater visibility into the periodicity and behaviors of known and unknown threat actors targeting them. The extraordinary disclosure of the removal of enterprise software could suggest there are present vulnerabilities on networks, which could prompt increased cyber threat actor attention and focused threat activity, because there is uncertainty about the removal of the software and the replacement of software, depending on the perceived function and capability of that software. This presentation is exploratory, recognizing that there is perhaps anecdotal but generally limited understanding of how cyber threat actors would respond if an organization disclosed the removal of enterprise software to audiences. This presentation proposes an integrated conceptual interpretation of the foundational theoretical frameworks that explain why and how people respond behaviorally to risk and reward and anticipated regret, applied in a context of influencing threat actors with extraordinary disclosures of removal of enterprise software.

View More Papers

Designing and Evaluating a Testbed for the Matter Protocol:...

Ravindra Mangar (Dartmouth College) Jingyu Qian (University of Illinois), Wondimu Zegeye (Morgan State University), Abdulrahman AlRabah, Ben Civjan, Shalni Sundram, Sam Yuan, Carl A. Gunter (University of Illinois), Mounib Khanafer (American University of Kuwait), Kevin Kornegay (Morgan State University), Timothy J. Pierson, David Kotz (Dartmouth College)

Read More

Experimental Analyses of the Physical Surveillance Risks in Client-Side...

Ashish Hooda (University of Wisconsin-Madison), Andrey Labunets (UC San Diego), Tadayoshi Kohno (University of Washington), Earlence Fernandes (UC San Diego)

Read More

VPN Awareness and Misconceptions: A Comparative Study in Canadian...

Lachlan Moore, Tatsuya Mori (Waseda University, NICT)

Read More

Pisces: Private and Compliable Cryptocurrency Exchange

Ya-Nan Li (The University of Sydney), Tian Qiu (The University of Sydney), Qiang Tang (The University of Sydney)

Read More