Victimology: In The Shoes Of A Cybersecurity Analyst

A recent report from the government showed that 32 percent of businesses identified a cyber security attack in the last 12 months, and one of the most common attacks is spear-phishing - which involves sending targeted sophisticated emails to fool the victims. When a threat arises, the security team role is to investigate and determine the reality of an attack and its severity. This investigation makes it possible to set up a plan to defeat the offensive and, generally, better protect against certain type of attacks.

One of the ways to investigate when a situation such as this happens is called victimology. This process allows security teams to quickly determine if they are dealing with a targeted offensive against businesses or traditional phishing.

To explore this type of investigation, we’ll take the example of a protection system indicating in its alerts that it has blocked six spear-phishing attacks from the same sender, over a period of 45 days.

Victimology: identifying the motives and target of the attack