Adversary Classes

| Adversary Class | Category | Details |
|---|---|---|
| Cyber Vandalism | Goals | Personal motives (e.g., attention, malice), Financial gain (fraud) |
| | Scope | Organizational subset (e.g., public-facing service or Web site) |
| | Timeframe, Persistence, and Stealth | Hacker revisits specific venues sporadically, but is not persistent, nor stealthy |
| | Examples of Effects | Web site defacement, DoS attack, falsification of selected records |
| | Capability Examples | Freeware or purchased malware, purchased botnets, purchased or stolen credentials |
| Cyber Incursion | Goals | Personal motives (e.g., acquire personally identifiable information or PII about target individuals), Financial gain (fraud, salable information, extortion), Stepping-stone |
| | Scope | Organizational Operations; Organizational Associates |
| | Timeframe, Persistence, and Stealth | Sustained, persistent activities in selected stages of Cyber Attack Lifecycle (CAL): recon, deliver, exploit, control (limited), execute; limited concern for stealth |
| | Examples of Effects | Data breach, Ransomware, extended DoS |
| | Capability Examples | Freeware or purchased malware, purchased botnets, purchased or stolen credentials used to acquire more credentials and further escalate privileges |
| Cyber Breach & Organizational Disruption | Goals | Financial gain (large-scale fraud or theft, salable information, extortion), Geopolitical advantage (economic), Stepping-stone |
| | Scope | Organizational Operations; Organizational Associates |
| | Timeframe, Persistence, and Stealth | Sustained with persistent, stealthy activities in most stages of CAL: recon, deliver, exploit, control, execute, maintain |
| | Examples of Effects | Extensive data breach, Establish foothold for attacks on other organizations |
| | Capability Examples | Adversary-developed malware (0-day exploits) |
| Cyber Espionage & Extended Disruption | Goals | Financial gain (fraud, salable information, extortion), Geopolitical advantage (all types) |
| | Scope | Organizational Operations; Sector |
| | Timeframe, Persistence, and Stealth | Sustained with persistent, stealthy activities in all stages of CAL |
| | Examples of Effects | Extensive or repeated data breaches, Extensive or repeated DoS |
| | Capability Examples | Malware crafted to the target environment, to maintain long-term presence in systems |
| Cyber-Supported Strategic Disruption | Goals | Geopolitical advantage (all types) |
| | Scope | Organizational Operations for selected organizations; Sector; Nation |
| | Timeframe, Persistence, and Stealth | Strategic with persistent, stealthy activities in all stages of CAL, covert activities against supply chains or supporting infrastructures, and covert intelligence-gathering |
| | Examples of Effects | Subverted or degraded critical infrastructure |
| | Capability Examples | Stealthy, destructive adversary-crafted malware, supply chain subversion, kinetic attacks |