Gaining ‘The Attacker Perspective’

Print Friendly, PDF & Email

It may seem counter-intuitive to place the motives and methods of attackers on a pedestal, but there is immense value in doing so. Today’s threat landscape demands an ongoing role reversal; which is the ability and desire to emulate the thought process and real-world methodologies of attackers in order to gain visibility and an advantage over the countless “what-if” scenarios that we face.

'The motives of an attacker will have a strong influence on the methods they employ to get what they want.' Click To Tweet

Visualizing what it is that an attacker wants is an important step because it provides us context into the motives portion of an attack. Many people still think that motives are purely financial or one-dimensional, but modern attacks are driven by a wide range of evolving motives. Let’s position our discussion around just a few of these:

  • Obtain intellectual property or inside information
  • Interrupt production or negatively impact customer interactions
  • Make a “new friend” within an organization with ulterior motives
  • Hijack resources to broadcast a political message or social stance to a large audience
  • Collect technical profile details about an environment for collaboration and exploration for a future attack

The motives of an attacker will have a strong influence on the methods they employ to get what they want. The list of motives we visualize will often include more than a single item; so it comes as no surprise that the list of methods will constantly expand. It is important to note that the most persistent and effective attacks often employ multiple vectors or a mixture of methods to accomplish their goals. Let’s look at a short list of attacker methods, which is by no means all-inclusive, but represents a sampling of real-world attacker methods:

  • Craft and register a reasonable domain name and combine it with a filter-friendly phishing e-mail to obtain access or information
  • Utilize a portable media device containing attractive files to accelerate the pace of an attack
  • Employ voice-based methods to generate revealing, “off the record” conversations with employees
  • Study the surface of an organization to glean information about employee groups, promotions, and news items about the company
  • Utilize direct SMS/text-based messaging to gain access to employees outside of standard perimeter detection
When it comes to defending yourself from #SpearPhishing attacks, it helps to understand the attacker's perspective. #EmailSecurityClick To Tweet

Strategically simulating “what if” scenarios generated from the attacker perspective provides a premium level of real-world visibility and objective evidence. This visibility can only be obtained through sustained studies of BOTH the motives and methods of attackers. When these scenarios go from concept to application through a sound, safe, and secure method of testing and measuring; we not only gain visibility into our people, process, and technology layers; we gain this visibility from The Attacker Perspective.

To further protect yourself from these attacks, invest in technologies specifically engineered to detect and prevent this type of attack.  Barracuda Email Protection includes a full security suite to defend your company from attacks and teach your users how to help stop email fraud, data loss, and brand damage.


Scroll to top