Cyber Adversary Characterization: Auditing the Hacker Mind

Vulnerability Disclosure and the Cyber Adversary
Disclosure Attack Capability and Considerations
The Vulnerability Disclosure Pyramid Metric
The Disclosure Food Chain
In Chapter 2, we discussed the various properties of the cyber adversary and the elements that contribute to those properties. The primary objective of this was to enable us to make determinations relating to a theoretical cyber adversaries capabilities and motivation. As previously discussed, the key relationship that we must be able to observe is that which exists between the cyber adversary and the target in a given attack scenario. We allude to the way in which the cyber adversary makes calculated (and uncalculated) judgments regarding the risks attached to an attack and how he or she can utilize available resources to offset any attack inhibitors. One of the most important judgments we allude to is the perceived likelihood of success on the part of the adversary. This observation will be based upon the adversaries perceived capability to compromise the target, given an attempt, making use of the resources available to the adversary and therefore the adversary s perceived self-capability. Although under certain motivation-related circumstances where an adversary will go through with an attack in spite of a lack of sufficient resources (an inadequacy which they may not be not aware of), a result of the capability target observation by an adversary will often determine if the cyber adversary will go through with an attack or not.
In the kinetic world, an adversary that is intent on...