Cybersäkerhet: Från reaktiv till proaktiv

Sammanfattning: The number of reported cybercrimes in Sweden is increasing every year. Cybercrimes arebecoming more sophisticated and the attackers are more skilled than before. Attackers usedifferent tactics, techniques and procedures, TTP, to establish their goals. These TTP can beidentified and later used to combat future cyberattacks. This process is known as TacticalThreat Intelligence, TTI, and is characterized by the use of open source intelligence, OSINT, to gather information about previous attacks and TTP. This paper is a literature review toprovide a background of the topic. To further investigate the topic this paper also presents theanalyzis of three different threat intelligence sharing platforms to deepen the understanding ofhow TTI is used today. A statistical analysis is also presented in order to predict future ofcyberthreats. The results of the analysis of the threat intelligence sharing platforms clearly displays theneed to search for information in more than one source. This information will become thefoundation of intelligence, which makes information gathering one of the most importantsteps when working with TTI. The results of the statistical analysis show that cybercrime inSweden will continue to rise. One of the biggest challenges was to identify the current stateof the global cyberthreat landscape since global statistics for cybercrime could not be found.However, the Covid-19 pandemic has forced more people to work from home which hasincreased the number of potential cybercrime victims since home security tends to be lowerthan at a physical offic. Despite this, the number of reported cybercrimes has not increasedremarkably.