Lesson 3 of 4
In Progress

Sample Threat Model

Threat Model

<<Define a Threat Model>>

Types of Attackers

The cyber realm consists of many different types of attackers with many different motivations. It is possible to classify attackers into specific groups and, consequently, identify their potential targets and motivations. Most attackers fall into these groups:

  • Criminals (both organized and opportunistic)
  • Nation-state actors (who typically have deep resources to devote to an attack)
  • Non-state actors (who might be terrorists or rogue political or militant groups)
  • <<Add more attacker types>>

Attack Types

  • Crimeware and opportunistic malware such as:
    1. C2 (84.4 %)
    2. DOS (65.4 %)
    3. Spyware/Keylogger (10.3 %)
    4. Downloader (9.5 %)
    5. Ransomeware (8.8 %)
  • Data disclosure varieties are:
    1. Financial Data (59.6 %)
    2. Credentials (29.6 %)
    3. Personal (18.4 %)
    4. Classified (18.4%)
    5. Internal (17.9 %)
  • Cyber Espionage (Targeted)
  • <<add more>>