Linking attack vectors to attacker profiles
In the Threat actors and their motivations section in Chapter 1, we described different types of attacker profiles and their primary motivations behind launching attacks. Later, in Chapters 4 and 5, we went over them in more detail to cover common techniques employed by different classes of attackers. We also discussed attacker profiles based on an organization’s data assets.
In the earlier section, we took a tour of common attack patterns through recent, large-scale exploits. Let’s now synthesize this knowledge to proactively detect attacks in real time. By combining threat intelligence, proactive monitoring, deceptive tactics such as honeypots, and analysis of key profiling indicators (sophistication, targets, timing, persistence, etc.), we can continuously uncover hidden adversaries targeting our systems.
Before jumping into the content, let’s recap our learnings about types of threat actors from previous chapters...
