Sunday, April 1, 2012

Offensive Threat Modeling for Attackers: The Determined Attacker

by Helvry Sinaga | in information security at 7:35 PM


Saturday, March 24, 2012
Article by Rafal Los
Information security has always had a white elephant in the room. That white elephant is the phrase that many of us have used over and over - "a determined attacker cannot be thwarted".
What this really means is that many information security teams have gotten good at deterring or catching the 'script kiddie' or novice attacker and claiming victory and success. This clearly isn't enough as the world evolves and the threats to your organization evolve with it.
Addressing the comprehensive threat to your organization is what the Black Hat Europe talk that Shane McDougall and I presented was all about.
Going beyond signatures and things that we can scan and plan for, what we looked at was how those white elephants - the determined attackers - would come at you.  Giving a more comprehensive view of threat and perhaps putting a little bug in your brain about how the truly bad guys will prepare for and execute a strategic attack against your organization, its assets and its people was our purpose. 
Apparently the talk was well-received, at least by the attendees of the conference, as we had a standing-room-only crowd in our room and even a little bit of media coverage for the talk.
Since I'm excited about the prospect of carrying this idea forward, I thought I would post our whitepaper for you - in case you've missed the conference here in beautiful Amsterdam.  I will post the slides as possible.
Also a PC World article titled "IT Organizations Need to Be More Aware of Physical Threats, Experts Say" ... give it a read. Feedback is absolutely welcome as we work on the next iteration of the idea.
Download the white paper here:
