A security analyst for a large financial institution is creating a threat model for a specific threat actor that is likely targeting an organization's financial assets.
Which of the following is the BEST example of the level of sophistication this threat actor is using?
A. B. C. D. E.D.
The best example of the level of sophistication that a threat actor is using depends on the specific details of the threat actor and their tactics, techniques, and procedures (TTPs). However, out of the given options, the most sophisticated example is likely to be B. Custom malware attributed to the threat actor from prior attacks.
Custom malware is specifically tailored to the target organization, and the fact that the threat actor has used it in previous attacks indicates that they have a level of expertise in creating or acquiring custom malware. Additionally, custom malware is often difficult to detect and can be used to bypass traditional security controls. Therefore, the use of custom malware suggests that the threat actor is not only capable but also dedicated to achieving their objectives.
The other options provide some information about the threat actor, but they do not necessarily indicate a high level of sophistication. For example, social media accounts attributed to the threat actor could be used for reconnaissance, but this does not necessarily indicate a high level of technical expertise. Similarly, email addresses, phone numbers, and IP addresses may be used for communication or infrastructure, but they do not necessarily indicate a high level of sophistication.
Overall, while the specific details of the threat actor and their TTPs are important to consider, the use of custom malware suggests a high level of sophistication in general.