Threat Actors
- Vulnerability - asset value and ease of exploit - Threat - potential of exploit - Internal/External - Intent/Motivation - Sophistication/Resources/Capabilities Different Levels - Script Kiddies - Hackers - Teams/Hacktivists/Ideologically motivated - Direct Access - Removable Media - Social Engineering - Remote Access - Supply Chain - by attacking further up the production chain attackers may install backdoors into underlying software - Web browsing - Cloud services - Clouds usually pool users on the same machine, attackers might try to get on a particular machine and attack it's memory to see your data - Primary Research - Dark Net/Dark Web message boards and forums - External Resources - Information Subscriptions - Open Source Intelligence (OSINT) - Academic Journals - Conferences - Request for Comment - Unauthorized software, files, port/protocol usage, hardware or accounts - Service Disruption, overuse or nonstandard usage