2-Extended Analysis-Full

Communities @ Risk 11EXTENDED ANALYSIS: 2.1 Summary, Methodology and Data AnalysisTargeted Threat Index: We developed the Targeted Threat Index (TTI), which isa metric that characterizes and quantifies the sophistication of targeted attacks, toprovide a consistent ranking of how advanced any given targeted malware attack is.The TTI score is calculated by taking a base value determined by the sophistication ofthe targeting method, which is then multiplied by a value for the technical sophisticationof the malware. The base score can be used independently to compare emails, andthe combined score gives an indication of the level of effort an attacker has put intoindividual threats.Cluster Analysis: Through identification of patterns in malware families, developmentcycles, shared infrastructure, and social engineering tactics, we identified relationshipsbetween attacks and, when possible, linked them to known malware campaigns andthreat actors.