Automated Collection of Open Source Intelligence

Total Page:16

File Type:pdf, Size:1020Kb

Automated Collection of Open Source Intelligence Masaryk University Faculty of Informatics Automated Collection of Open Source Intelligence Master’s Thesis Bc. Ondřej Zoder Brno, Fall 2020 Declaration Hereby I declare that this paper is my original authorial work, which I have worked out on my own. All sources, references, and literature used or ex- cerpted during elaboration of this work are properly cited and listed in com- plete reference to the due source. Bc. Ondřej Zoder Advisor: RNDr. Lukáš Němec i Acknowledgements I would like to thank my advisor RNDr. Lukáš Němec for his guidance throughout the entirety of this thesis. My thanks also go to RNDr. Martin Stehlík, Ph.D. who provided many valuable suggestions and helped shape the tool that is the outcome of this thesis. Huge appreciation goes to my family for the support they have given me during all the years of my studies. I also want to thank Cedric from CIRCL.LU for providing me free access to their Passive DNS and Passive SSL databases, and Gregory from Spyse for giving me a free trial for their port discovery service, which allowed me to extend Pantomath and further test the reliability estimation model. ii Abstract With the ever-growing amount of data available on the Internet and the wide- spread adoption of social media networks, publicly accessible websites have grown into a goldmine of valuable information about individuals and com- panies. Open Source Intelligence, shortly OSINT, is any information obtain- able legally and ethically from publicly available sources addressing specific intelligence requirements. The relatively easy and cheap integration makes OSINT a practical solution for national security, cyber threat intelligence, and many other fields. This thesis presents a framework called Pantomath for an automated collection of OSINT that utilizes many existing tools and services. The framework is highly modular, provides all the functionality needed throughout the whole process of OSINT, offers three modes of oper- ation for different anonymity requirements, and presents the data in a struc- tured output. The reliability of some of the collected data is estimated to allow the user to analyze the data more efficiently and precisely. The frame- work is compared to existing OSINT automation tools, and the most notable advantages and disadvantages are discussed. iii Keywords OSINT, open-source intelligence, OSINT automation, military intelligence, social media intelligence, threat intelligence, Pantomath iv Contents 1 Introduction 1 2 Open Source Intelligence 3 2.1 Challenges .............................5 2.1.1 Legal and Ethical Aspects . .6 2.2 Value and Use Cases .......................8 2.2.1 Military Intelligence . .9 2.2.2 Cybersecurity . 10 2.2.3 Social and Business Intelligence . 11 2.3 State-of-the-Art .......................... 12 2.3.1 Natural Language Processing . 13 2.3.2 Machine Learning . 14 3 OSINT Sources and Tools 17 3.1 Overview ............................. 17 3.2 OSINT Automation ....................... 23 3.2.1 Recon-ng . 24 3.2.2 Maltego . 25 3.2.3 SpiderFoot . 26 4 Pantomath: Tool for Automated OSINT Collection 28 4.1 Problem Statement ........................ 28 4.2 Architecture and Functionality ................. 30 4.2.1 Base Framework . 31 4.2.2 Modes of Operation . 33 4.2.3 Modules . 35 4.3 Reliability Estimation ...................... 41 4.3.1 Cyber Threat Intelligence . 44 4.3.2 Geolocation . 45 4.3.3 Port Discovery . 47 5 Evaluation and Discussion 49 5.1 Evaluation of Reliability Estimation .............. 49 5.1.1 Cyber Threat Intelligence . 49 5.1.2 Geolocation . 50 5.1.3 Port Discovery . 53 5.2 Comparison with Existing Tools ................ 54 5.3 Future Work ........................... 56 v 6 Conclusions 59 Bibliography 60 A Appendices 73 vi 1 Introduction With the exponential growth of the Internet in the last few decades, the amount of data stored around the world has become immeasurable. It is estimated that four of the biggest online companies, Amazon, Microsoft, Google, and Facebook, store at least 1.2 million terabytes of data. At first, data was thought of as a mere by-product of computing, but it has even- tually grown into a product itself [1]. Companies sell their users’ data to others that benefit from it, so collecting data of any value is essential for many. A large portion of Internet data is accessible to anyone with an In- ternet connection and often contains a lot of knowledge about individuals, companies, or governments. All this data is commonly called Open Source Intelligence, or shortly OSINT. The value of OSINT is increasingly getting recognized in many different fields. According to [2], over 80% of the knowledge used for policymaking on a national level is derived from OSINT. Cyber threat intelligence heavily utilizes OSINT and combines it with data collected by security devices to evaluate possible threats to companies’ infrastructures. All in all, publicly available sources constitute an irreplaceable source of knowledge. However, due to the immense amount of data on the Internet and its unstructured and heterogeneous nature, the collection and processing of OSINT is a challeng- ing task requiring non-trivial methods. Arguably one of the biggest draw- backs of OSINT is the lack of mechanisms for verification of the collected information [3]. To make the whole process of OSINT easier and more accessible, various tools and services that provide useful information exist. These range from simple websites that provide basic information about IP addresses to more complex tools implementing state-of-the-art algorithms, such as Shodan [4]. A framework called Pantomath for an automated collection of OSINT is pre- sented in this thesis. The framework utilizes existing tools and services that provide valuable information about Internet identifiers, such as IP addresses or domain names. As the number of these services is enormous, Pantomath was designed to make the integration of new sources more straightforward by moving the data collection to separate modules, which can be added by merely implementing a well-defined interface. To address the user’s anonymity requirements, Pantomath offers three modes of operation with varying guarantees and drawbacks. The overt mode represents a regular operation where all sources are used, and an Internet connection is required. In the stealth mode, all requests sent to the Internet 1 1. Introduction are proxied through the Tor network. The offline mode provides the highest guarantees for the user’s anonymity, as only a database of preprocessed data is queried, and no Internet connection is needed. Pantomath also attempts to tackle possibly the biggest challenge of OSINT – the validation of the gath- ered data. A mathematical model for reliability estimation of the results is defined and used in several modules. The thesis is organized as follows. Chapter 2 introduces OSINT, discusses some of the challenges, the value it provides, the fields where OSINT is often utilized, and a few state-of-the-art techniques that improve the efficiency of OSINT collection. Chapter 3 outlines the sources that can be used to gather the data and some tools that aim to automatize this process. Pantomath, a tool for an automated collection of OSINT, is presented in Chapter 4. Chapter 5 evaluates Pantomath, compares it to tools with similar goals, and drafts the possible extensions and improvements. 2 2 Open Source Intelligence Intelligence is a process of information gathering for the purpose of providing a clear understanding of issues, allowing responsible people to make indepen- dent and impartial decisions [3]. Thomas Fingar [5] states that the primary purpose of intelligence is to reduce uncertainty about intentions, capabilities, and actions of adversaries and allies. To be of any value, intelligence must be up-to-date, accurate, relevant, and verifiable. The goal of intelligence is not only to collect data but also to identify parts of the data that are valuable for the issue at hand, link them together, and evaluate them. Open Source Intelligence (OSINT) is an intelligence based on information that can be obtained legally and ethically from publicly available sources [6]. OSINT is considered to be the oldest form of intelligence gathering, with its earliest usage going as far as the Second World War, where radio and print sources were used [7]. However, its utility increased significantly with the emergence of information technologies and the Internet in particular [8]. It is estimated that over 80% of knowledge used for policymaking on a na- tional level is derived from OSINT [2, 9]. OSINT is a broad term, and the exact definitions can vary depending on the field of study. The Office of the Director of National Intelligence of the U.S. [10] defines it as intelligence produced from publicly available infor- mation that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement. They state that the sources of OSINT include mass media, public data, gray literature, and observation and reporting. For the purpose of this thesis, the definition will be narrowed down to intelligence based on information openly accessible over the Internet. The Internet itself is not considered as a source of OSINT, but rather a platform through which the sources are accessed. There are borderline cases of sources that might not be regarded as part of OSINT by some definitions, e.g., any private information that was made public even though it was not the intention of the owner of that information. That might occur due to some error, e.g., a misconfiguration of the system containing this information or because a third party published it. Examples of such sources are WikiLeaks [11] or any data leaks that are available on the Internet. This thesis considers this type of information as OSINT. For example, discovering a vulnerability in a system is recognized as OSINT, exploiting this vulnerability to bypass the security of the system and gain some information from the inside is not.
Recommended publications
  • Better Market Intelligence with Smart Search Anaging Uncertainty and Risk in Business Requires a 1 Mcomprehensive Market Intelligence Approach
    Better Market Intelligence with Smart Search anaging uncertainty and risk in business requires a 1 Mcomprehensive market intelligence approach. But maintaining ongoing knowledge of competitor activity/strategies, not to mention the latest legal and regulatory shifts and economic factors, is more difficult than ever before. Defining a competitive set has never been more complicated A clear view of your competitor landscape is essential. Unfortunately, comprehensively tracking competitors can be imprecise and hard to measure when competitive lines are shifting such as: Entrenched players expand into a new vertical (e.g., Amazon buys Whole Foods) Disruptive startups radically change a competitive landscape overnight (especially since disruptors are hard to track due to a nascent digital footprint). Information overload + data fatigue Historically, market intelligence programs operated under the belief that analysis of competitors could be based exclusively on publicly available information.1 While some high quality secondary sources of A wealth of information information—for example, broker research—are not is a double-edged sword. free for the general public, it is true that a wealth of It creates noise, making it information about companies is readily available on difficult to hone in on the the Internet. most relevant information But a wealth of information is a double-edged sword. to your precise interests. It creates noise, making it difficult to hone in on the most relevant information to your precise interests. It’s easy to publish unverified, uncited information, making it too easy for a company to push a strategic communications message that’s impossible to verify (for example, “We’ll be first to market with this cancer-stopping drug”).
    [Show full text]
  • Competitive Intelligence: Systematic Collection and Analysis of Information
    Journal of Critical Reviews ISSN- 2394-5125 Vol 6, Issue 5, 2019 Competitive Intelligence: Systematic Collection and Analysis of Information Kundharu Saddhono1, Jacky Chin2, Apriana Toding3, Muhammad Nuzul Qadri4, Ismail Suardi Wekke5 1Universitas Sebelas Maret, Indonesia. E-mail: [email protected] 2Industrial Engineering Department, Mercu Buana University, Jakarta 11650, Indonesia 3Department of Electrical Engineering, Universitas Kristen Indonesia Paulus, South Sulawesi, Indonesia 4Sekolah Tinggi Ilmu Ekonomi Enam Enam, Kendari, Indonesia 5Sekolah Tinggi Agama Islam Negeri (STAIN) Sorong, Indonesia Received: 17.11.2019 Revised: 14.12.2019 Accepted: 18.12.2019 Abstract: Nowadays data is that the economic basis of every company. One has to understand the merchandise, the technology behind it, however additionally the client, the contestant and different circumstances that influence the business. The scientific term for the need information of data gathering and its transformation into applicable knowledge is Competitive Intelligence. This thesis focuses on three queries concerning competitive intelligence that area unit coupled during a model. First off it offers an outline concerning the foremost vital styles of competitive intelligence. Supported three sorts, specifically Market Intelligence, contestant Intelligence and Internal Intelligence, it raises the question if there area unit industry- specific necessities and general key aspects of the activity. The main focus cluster consists of fifteen international corporations from completely different industries that were analyzed with regard to military operation and kinds of competitive intelligence activities. Secondly the thesis considers legal aspects. It asks however effective international treaties and European laws area unit in terms of legal action of unfair competition and protection of material possession rights.
    [Show full text]
  • Open Source Intelligence and Osint Applications
    Sanna Tuominen OPEN SOURCE INTELLIGENCE AND OSINT APPLICATIONS OPEN SOURCE INTELLIGENCE AND OSINT APPLICATIONS Sanna Tuominen Bachelor’s Thesis Spring 2019 Information Technology Oulu University of Applied Sciences ABSTRACT Oulu University of Applied Sciences Degree Programme in Information Technology, Option of Intelligent Systems Author: Sanna Tuominen Title of the bachelor’s thesis: Open Source Intelligence and OSINT Applications Supervisor: Eino Niemi Term and year of completion: Spring 2019 Number of pages: 55 + 3 appendices Emerge of the Internet as a global platform for sharing and exchanging information world-wide has increased exponentially the amount of publicly available data. Open source intelligence [OSINT] aims at addressing specific intelligence requirements utilising this data. Open source intelligence is traditionally associated with military intelligence, yet users of OSINT today are ranging from governments to businesses and regular citizens. The objective of this thesis was to study what open source intelligence is and demonstrate the use of selected OSINT tools. In the theory sections, this thesis considered the current state of OSINT and evaluated its future. The popularity of OSINT is increasing, and the usage of OSINT is expanding into new arenas. The main challenge with OSINT is the trouble of finding the meaningful bits from massive data amounts. Hence, this thesis introduced and demonstrated three OSINT solutions displaying the nature and the differing attributes of the selected OSINT solutions. The study of the solutions was conducted as a demonstration assessment, where the use and the results of selected OSINT solutions were recorded and observed. The thesis findings show that the range of OSINT solutions is wide and scattered.
    [Show full text]
  • Market Intelligence Surveillance Market Intelligence, Surveillance
    Market Intelligence, Surveillance Systems and Techniques to Detect and Deter Securities Market Fraud Ester Saverson, Jr., Assistant Director Office of International Affairs U.S. Securities and Exchange Commission* *The U.S. Securities and Exchange Commission, as a matter of policy, disclaims responsibility for any private publication or presentation of its staff. The views expressed herein are those of the authors and do not necessarily reflect the views of the Commission, individual commissioners, or the author’s colleagues on the staff of the Commission. Three Major Types of Market Fraud Trade Based Market Manipulation – Pre-arranged Trades • Washed Trades • MthdTMatched Tra des – Marking (pegging and capping) the Close – Short Squeeze – Controlling the Supply of a Security AtiAction B ased dM Mark ktMet Man ipu ltilation – Misrepresentation or False Statement IfInformat ion B ased dMk Market Man ipu lat ion – Insider Trading – Front Running Why is Market Fra ud Bad? Fraud affects the integrity of the market – Drive pppeople out of market – Keep capital on the sidelines MiltidittthidManipulation distorts the independ dtent trading and pricing mechanism – Raises the cost of capital – Lowers cost of securities Securities regulation is intended to ensure tha t mar ke ts are fa ir, effi ci ent and transparent Areas of Concern TdiTrading at or near th hCle Close Spikes in volume or price Block Trading Offerings Redemptions Program Trading Short Sales Mergers and Acquisitions Spikes Before a material announcement Key Elements
    [Show full text]
  • BIS Quarterly Review September 2007 International Banking and Financial Market Developments
    BIS Quarterly Review September 2007 International banking and financial market developments BIS Quarterly Review Monetary and Economic Department Editorial Committee: Claudio Borio Frank Packer Paul Van den Bergh Már Gudmundsson Eli Remolona William White Robert McCauley Philip Turner General queries concerning this commentary should be addressed to Frank Packer (tel +41 61 280 8449, e-mail: [email protected]), queries concerning specific parts to the authors, whose details appear at the head of each section, and queries concerning the statistics to Philippe Mesny (tel +41 61 280 8425, e-mail: [email protected]). Requests for copies of publications, or for additions/changes to the mailing list, should be sent to: Bank for International Settlements Press & Communications CH-4002 Basel, Switzerland E-mail: [email protected] Fax: +41 61 280 9100 and +41 61 280 8100 This publication is available on the BIS website (www.bis.org). © Bank for International Settlements 2007. All rights reserved. Brief excerpts may be reproduced or translated provided the source is cited. ISSN 1683-0121 (print) ISSN 1683-013X (online) BIS Quarterly Review September 2007 International banking and financial market developments Overview : credit retrenchment triggers liquidity squeeze.................................... 1 Credit markets sell off as mortgage exposures are reassessed ............. 2 Box: Liquidity risk and ABCP mechanics ............................................ 7 Bond yields plunge as investors flee risky assets .................................
    [Show full text]
  • Introduction to Competitive Intelligence
    INTRODUCTION TO COMPETITIVE INTELLIGENCE GIA WHITE PAPER 1/2004 Executive Summary Competitive intelligence can be defined as The intelligence terminology has always been knowledge and foreknowledge about the somewhat blurred, and new terms emerge as the external operating environment. The ultimate intelligence discipline matures within the corporate goal of each intelligence process is to facilitate setting. decision-making that leads to action. • Competitive Intelligence, Successful business strategy requires awareness • Business Intelligence, about the company’s external environment, • Market Intelligence and including its customers, competitors, industry • Corporate Intelligence structure, competitive forces etc. Information about these issues is the key target of competitive are often used interchangeably or as synonyms, intelligence. Competitive intelligence can be while defined as knowledge and foreknowledge about the external operating environment. The ultimate • Strategic Intelligence, goal of each intelligence process is to facilitate • Customer Intelligence, decision-making that leads to action. • Competitor Intelligence and • Technology Intelligence The intelligence process enables turning information into intelligence by processing it via analysis, add a dimension of specificity to the subject. interpretation and synthesis and utilizing it in the Eventually, all intelligence terms refer to using future-oriented decision-making. Managing the systematic methods to collect, analyze and future does not only mean being able to anticipate disseminate information that supports decision- what will happen outside the company but also making. being able to shape the happenings through own actions, i.e. to proactively create one’s future. According to one of the views, Competitive Intelligence (CI) is regarded as the broadest Competitive Intelligence is not market research scope of intelligence activities covering the whole or industrial espionage.
    [Show full text]
  • January 26, 2021 | for Informational Purposes Only This Is
    • ARK Investment Management LLC Big Ideas 2021 January 26, 2021 | For Informational Purposes Only This is not a recommendation in relation to any named securities and no warranty or guarantee is provided. Any references to particular securities are for illustrative purposes only. There is no assurance that the Adviser will make any investments with the same or similar characteristics as any investment presented. The reader should not assume that an investment identified was or will be profitable. PAST PERFORMANCE IS NOT INDICATIVE OF FUTURE PERFORMANCE, FUTURE RETURNS ARE NOT GUARANTEED. www.ark-invest.com 2 • Big Ideas 2021 ARK aims to identify large-scale investment opportunities by Introduction focusing on who we believe to be the leaders, enablers, and beneficiaries of disruptive innovation. While we believe innovation is the key to growth, the opportunities it creates can be missed or misunderstood by traditional investment managers who are more focused on sectors, indexes, short-term earnings, and price movements. ARK’S BIG IDEAS ARK seeks to gain a deeper understanding of the convergence, market potential, and long-term impact of disruptive innovation by researching a global universe that spans sectors, industries, and markets. Today, we are witnessing an acceleration in new technological breakthroughs. To enlighten investors on the impact of these breakthroughs and the opportunities they should create, we began publishing Big Ideas in 2017. This annual research report seeks to highlight the latest developments in innovation and offers some of our most provocative research conclusions for the year. About ARK Headquartered in New York City, ARK Investment Management LLC is a federally registered investment adviser and privately held We hope you enjoy our “Big Ideas” for 2021.
    [Show full text]
  • Market Intelligence in Large Companies
    Market Intelligence in Large Companies Global Study 2007 GIA White Paper 2/2007 This is the second time the 1. EXecUtiVE SUmmaRY For this report, 281 companies were interviewed in order to Global Market Intelligence identify the present status, organization, IT tools and future Study has been carried out; outlook of Market Intelligence activities. the first time was in 2005 Companies from the following countries took part in the study: Belgium, Finland, UK, the Netherlands, United States, India, and it is now one of the most Brazil, Germany, and Spain. Member companies in the Global Intelligence Alliance in these countries were responsible for data comprehensive, if not the most collection. comprehensive, global Market In general, the vast majority of large companies in all markets conduct Market Intelligence activities which are mostly aimed Intelligence study based on at acquiring further information on competitors, industry and interviews. customers. Market Intelligence activities are mainly conducted to support corporate strategic planning and business development, while sales and marketing remain another typical user group of the collected business information. Market Intelligence is currently still a relatively nascent practice within companies, however, across all the markets companies do appear to conduct all forms of MI activities (continuous monitor- ing, regular reviews, ad-hoc reports). GIA White Paper 2/2007 Market Intelligence in Large Companies - Global Study 2007 The vast majority of companies conduct their own Market Intelligence information process- 2/2007 ing within a centralized unit. However, MI activity is still relatively small-scale given that the global average for personnel allocated to MI activities is below ten.
    [Show full text]
  • Market Intelligence Utilization by Small Food Companies: an Application of the Grounded Theory Method in Exploratory Research Aaron J
    Market Intelligence Utilization by Small Food Companies: An Application of the Grounded Theory Method in Exploratory Research Aaron J. Johnson, Thorsten M. Egelkraut, and Cyrus Grout Insights into how small agribusinesses acquire, process, and use market intelligence are critical to improving their marketing competencies and to understanding practices that lead to better business performance. However, the cur- rent body of literature is limited in this topic. We apply the exploratory research method of grounded theory to better understand how small- to medium-sized food companies fi nd and utilize information in their decision-making process. We develop a taxonomy of information types sought and provide insight into how and when these fi rms utilize this information. In addition, we develop a conceptual model that demonstrates different relationships between informa- tion, knowledge, and actions. Decision-makers continuously face the challenge their decision-making process? Grounded theory, of identifying and interpreting market intelligence which was effectively introduced to agribusiness and balancing the costs and benefi ts of acquiring researchers by Bitsch (2001, 2005), is particularly and using that information. While larger agricultural well suited to this study’s objective, as it provides companies have separate marketing departments, a rigorous and systematic framework to inductively small agribusinesses often lack the resources and generate new understandings and to capture unex- skills for extensive market research and intel- pected results that may be missed by other meth- ligence processing. As a result, small businesses ods that rely on ex ante hypotheses (Finch 2002). are likely to conduct market research haphazardly, Employing grounded theory, we generate nine if at all (Carson, McGowan, and Hill 1996; Udell, testable hypotheses of how small food companies Knotts, and Jones 2002).
    [Show full text]
  • Basel “IV”: What’S Next for Banks? Implications of Intermediate Results of New Regulatory Rules for European Banks
    Basel “IV”: What’s next for banks? Implications of intermediate results of new regulatory rules for European banks Global Risk Practice April 2017 Authored by: Sebastian Schneider Gerhard Schröck Stefan Koch Roland Schneider 2 Implications of intermediate results of new regulatory rules for European banks Contents Executive summary 5 1 Beyond Basel III 6 1.1 Regulatory changes ahead 6 1.2 Need for a comprehensive view of regulations’ coming impact 6 2 Expected capital impact for the European banking industry 9 2.1 Impact at sector level 9 2.2 Variations in capital impacts between geographies … 10 2.3 ... size of institution 12 2.4 ... and business model 12 2.5 Expected impact on ROE 13 3 Implications and reactions: How banks can react 15 3.1 Mitigating actions 15 3.2 “No-regret” actions until Basel IV rules are finalized 22 Appendix 24 Global rules analyzed 24 Further regulatory initiatives 24 Methodology 26 Implications of intermediate results of new regulatory rules for European banks 3 Executive summary Many European banks will face significant capital shortfalls under the so-called Basel “IV” reforms proposed by the Basel Committee on Banking Supervision (BCBS). The current state of the suggested changes (a mix of consultation papers and finalized standards) would rework the approach to risk-weighted assets (RWA) and possibly internal ratings, as well as set regulatory capital floors. According to our analysis, if banks do nothing to mitigate their impact, these rules will require about €120 billion in additional capital, while reducing the banking sector’s return on equity by 0.6 percentage points.
    [Show full text]
  • Oaklins PE Newsletter Oct2020.Pdf
    Navigating through the cycle PRIVATE EQUITY NEWSLETTER, THE NETHERLANDS | Q3 2020 “In the past decade the private equity (PE) and M&A UPDATE (pg.2) Deal flow in the Netherlands decreased dramatically related industries have experienced a tailwind in Q2 on the back of COVID-19, but Q3 shows there is like never before. The outbreak of COVID-19 once again an upward trend. drastically changed the direction of the wind, DEBT UPDATE (pg.6) and portfolio companies suddenly needed their Leverage multiples maintain their levels in these support to cope with the new environment. turbulent times, though pricing shows a step-up. SECTOR IN THE SPOTLIGHT: MEDTECH (pg.10) Now that the dust has settled, investment Software and related technology companies dealing managers are starting to look for deals again. in healthcare are in high demand. And with the abundance of capital available and many sectors still performing strongly, deal ABOUT OAKLINS (pg.14) Our newly published market-intelligence reports can flow and valuations do not seem to be hit as give you the best insights into your sectors of interest. hard as was seen in 2008. The impact of the pandemic on the Dutch M&A landscape has, however, been quite different from other countries, as can be read on the next pages.” FRANK DE HEK PRIVATE EQUITY SPECIALIST OAKLINS M&A update M&A ACTIVITY IN Numbers of deals in the Netherlands THE NETHERLANDS 304 310 308 295 The M&A deal flow has been 288 293 278 261 relatively stable in recent years. 103 90 241 107 95 81 79 But the COVID-19 crisis is radically 91 60 211 79 changing the landscape.
    [Show full text]
  • Cyber Risk Toolkit
    CYBER RISK TOOLKIT American Academy of Actuaries Cyber Risk Task Force, Casualty Practice Council AUGUST 2021 ACTUARY.ORG The American Academy of Actuaries’ Cyber Risk Toolkit, developed by the Academy’s Cyber Risk Task Force, is comprised of a series of papers addressing issues pertinent to cyber risk insurance and cyber exposure. This toolkit is intended to be a resource for interested readers of the general public, public policymakers, the actuarial profession, the insurance sector, and other stakeholders. Cyber risk issues have been in the news regularly recently, and those using the toolkit can benefit from the perspectives offered in the papers. While each is a standalone paper, in total they offer a cohesive overview of the challenges posed in the cyber insurance market. The toolkit may be updated periodically to reflect new and emerging work from the task force. The American Academy of Actuaries is a 19,500-member professional association whose mission is to serve the public and the U.S. actuarial profession. For more than 50 years, the Academy has assisted public policy makers on all levels by providing leadership, objective expertise, and actuarial advice on risk and financial security issues. The Academy also sets qualification, practice, and professionalism standards for AMERICAN ACADEMY OF ACTUARIES actuaries in the United State 1850 M STREET NW, SUITE 300, WASHINGTON, D.C. 20036 202-223-8196 | ACTUARY.ORG © 2021 American Academy of Actuaries. All rights reserved. Cyber Risk Toolkit CONTENTS An Introduction to Cyber 3 Cyber Threat Landscape 29 Silent Cyber 37 Cyber Data 43 Cyber Risk Accumulation 50 Cyber Risk Reinsurance Issues 56 Ransomware 60 CYBER RISK TOOLKIT 1 2 CYBER RISK TOOLKIT An Introduction to Cyber This introductory paper addresses some of the key aspects of cyber risk and insurance such as general product market, and insurance coverages and features.
    [Show full text]