OBJECTIVE

This document aims to help you create attack diagrams based on the cyber threats targeting your information system. To achieve this, we will primarily use tools provided by MITRE.

CASE STUDIES

You are a member of the IT security team in a French telecommunications company, responsible for maintenance for several clients, including some entities of the French government. Your goal is to detect the attacker groups that might target:

• your domain and entity (country),

• your industry,

• your clients' domains,

• as well as as many sectors as possible (corporations, mobile, industrial).

WHAT ABOUT INTERNAL THREATS?

Internal threats should not be excluded. However, it is important to start somewhere, and several techniques used by APT-type attackers can also be employed by an internal attacker (brute force, abnormal connections, etc.).