Professionals (the elite): This type is a small group of attackers also known as the elite. Members of
this group are highly motivated and in most cases remunerated for their services that include organized
crime, as well as attacks on the military, intelligence organizations, law enforcement, and other groups.
The main motivation for these types of hackers is remuneration.
Risk Assessment
It is imperative to audit the network and evaluate its security posture for the risks and threats in an
environment to be able to preemptively determine the likelihood and ramifications of a security breach. This
should be an iterative process in which you evaluate and rank each threat and identify an appropriate mitigation
technique accordingly. As you face the risk assessment process, keep in mind the following facts about common
network attacks:
75% to 80% go undetected.
15% to 20% are instigated by outsiders.
80% to 85% are launched by insiders??”people with authorized trust.
80% to 90% are vindictive script kiddy attacks. 10% are of a more serious DDoS type.
1% to 5% hit the infrastructure directly.
Threat modeling involves identifying and ranking threats according to their likelihood and the damage they
could potentially cause.
Pages:
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344