Leveraging threat intelligence to combat nation-state espionage threats is a common practice for cybersecurity teams. However, outside of the common types of fraud seen on dark web or closed forums, the same threat intelligence is often not leveraged to combat enterprise fraud.
If you are a target of APT threats from espionage actors, buying access to the known behaviors and TTPs used by APT groups helps you build detection models. For instance, the foothold, lateral movement, privilege escalation, and exfiltration techniques are generally repeatable across Windows and Linux corporate and production systems. Security teams build threat alerts and threat hunting models on the TTPs that are likely to be used against their organizations.