Please enable JavaScript.
Coggle requires JavaScript to display documents.
Threat Actors & Vectors - Coggle Diagram
Threat Actors & Vectors
Types
structured
Persistent
Multi-phased
Organized
can be internal or external
Planned
exploit kits, zero-day code, precompiled modules, Ransomware
Unstructured
Drive by web surffing
No acceptable use policy (AUP)
Non-malicious
emails, web mail
Accidental
USBs & personal electronics
usually internal ( can be external)
Actors
Unskilled attackers( script kiddies)
Hacktivists
Organized crime syndicates
Main contributors to advanced persistent threats (APT)
example: ALPHV/BlackCat ransomware operation
State based attacks (WWC)
Compromised Privileged insiders
Actor's Motivations
Service disruption
Blackmail and extortion
State-based or corporate espionage
political activism or ethical issues
Data exfiltration for financial gain
revenge or act of war
Human vectors & Social engineering
Dark web
Phishing attacks
Spear phishing
to steal sensitive info such ash account credentials or financial informations
Whaling
special spear phishing attack against a high-level and/or highly privileged employee
by mails
Smishing
using various text messaging formats such as SMS as a vector,these have exploded over the last few years
Vishing
using voice over IP or telephony as the hoax vector.
business email compromised (BEC)
form of attack that targets companies that outsource,conduct wire transfers and process invoices, often abroad to other countries.
Social engineering