Modelling Threat Actor Phishing Behaviour – “you’re only as strong as your weakest link!”
This whitepaper focuses on the reconnaisance phase of a simulated attack. It will discuss how likely targets are identified within an organisation and why certain individuals are chosen. The reconnaisance phase will typically involve open source intelligence (OSINT), cyber intelligence (CYBINT) and human intelligence (HUMINT).
Careful consideration is given to the selection of the individual and the whole success of the campaign can rest on these individuals. Certain individuals have more appeal to the threat actor than others and the paper will discuss this in detail how they are identified, discovered and the profile of these individuals.
The paper will also go into what strategies organisations can put in place to improve resilience as well as sources of information to gain support in this area.
Further resources:
Infographic: Warning against phishing
Whitepaper: Cyber red-teaming business critical systems while managing operational risk
