Researchers at the University of Texas at San Antonio (UTSA) developed the first framework to score the agility of cyber attackers and defenders. The cyber agility framework was created to detect and respond to escalating cyber attacks. For over a year, attacks caused by GozNym, a gang of Russian cyber criminals, stole login credentials and emptied bank accounts from unaware Americans. These attacks are one of many that pushed the creation of the cyber agility framework.
Jose Mireles, computer science alumnus currently working for the U.S. Department of Defense, stated that “cyber agility isn’t just about patching a security hole, it’s about understanding what happens over time. Sometimes when you protect one vulnerability, you expose yourself to 10 others.” Additionally, Mireles stated, “Having formal metrics and measurement to understand the attacks that occur will benefit a wide range of cyber professionals.”
Mireles collaborated with fellow UTSA student Eric Ficke to use a honeypot to attract and analyze malicious traffic according to time and effectiveness. Researchers were able to better understand how a series of engagements between attackers and defenders transformed into evolution generation, a pattern of adaptive, responsive and agile patterns.
The cyber agility framework is the first to exist and teaches cyber defenders various responses to an attack. It will not only improve cyber agility, but cyber security overall for years.