Cyber Adversary Characterization: Auditing the Hacker Mind

Target Property Influences on Attack Drivers and Inhibitors
The Asset Threat Characterization
Fictional Asset Threat Characterization Case Study
In the first four chapters of this book, we have theorized, postulated, and hypothesized about the behaviors of cyber adversaries. We have established a framework for helping us understand the cyber adversary (Chapter 2) and examined some of the key components of the model, including an adversary s preference to risk, the adversary s associations and motivations, and some tools and techniques adversaries use. Now that we have established some of the key principles, we are almost ready to apply these principals to one of the most important information security problems: characterizing the specific threats to specific key assets. Before we can start answering this question in depth, in this chapter we first resolve the final part of the cyber adversary puzzle: the target (or asset) property.
Just to refresh our minds, Figure 5.1 displays the adversary model we left off with in Chapter 2. In it, the two adversary-related properties (environment and attacker) are complete, including the key relationships between an adversary s environment and attacker property and the relationship between the attacker properties and the target.
As we also alluded to in Chapter 2, to truly understand and anticipate the cyber adversary to perform tasks such as asset threat characterization, we must fully understand the relationship between the attacker and target properties. To do this, we must first...