A security researcher is gathering information about a recent spoke in the number of targeted attacks against multinational banks.
The spike is on top of already sustained attacks against the banks.
Some of the previous attacks have resulted in the loss of sensitive data, but as of yet the attackers have not successfully stolen any funds.
Based on the information available to the researcher, which of the following is the MOST likely threat profile?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
Based on the information available, the most likely threat profile is A. Nation-state-sponsored attackers conducting espionage for strategic gain.
This conclusion can be drawn from several factors. First, the targeted attacks are against multinational banks, which suggests that the attackers are looking to gather intelligence that has a high value to a nation-state. Second, the attacks have been sustained over time, indicating that the attackers are persistent and are likely being funded by a state entity. Third, while sensitive data has been lost, no funds have been stolen, which suggests that the attackers are not motivated by financial gain, but rather by the acquisition of strategic information.
In contrast, the other options can be ruled out. B, insiders seeking to gain access to funds, is unlikely given that no funds have been stolen in previous attacks. C, opportunists seeking notoriety, is unlikely given that the attacks have been sustained over time and are targeted specifically at multinational banks. D, hacktivists seeking to change landing pages is unlikely given the lack of any political or social message in the attacks.
In summary, based on the information provided, the most likely threat profile is a nation-state-sponsored attack seeking strategic intelligence.