Utilizing intelligence preparation of the operational environment to design an operational cyber intelligence framework
The increasing number of cyber offensive companies (cyber mercenaries) participating in developing and offering cyber offensive tools and services to the authorities, causes a growing concern to the public. This new emerging cyber threat raises the question of the trade-off between privacy and national security. Recently, independent research organizations have found that the regimes in the Middle East and South America were using cyber offensive technologies to target dissidents. This raises some important questions, namely, how those cyber mercenary companies operate, what type of products they offer, who their customers are, in what circumstances are these tools deployed, and what can be done to tackle this type of cyber threat. In order to answer the above questions, this research project aims to develop an operational cyber intelligence framework based on the concept of the intelligence preparation of the operational environment (IPOE) utilizing open-source intelligence (OSINT) to generate threat-actor profiles of these companies, and actionable intelligence to confront them.