Threat Modeling

Threat Modeling

Threat modeling is a procedure to identify vulnerabilities and design countermeasures to mitigate the risk of the discovered threats. Some refer to a threat model as an "attack tree" which shows how a system might be compromised. The security professional is usually responsible for threat modeling of a system or network. Threat modeling at times requires thinking like an attacker. How can my system be breached? What the the ways information might be disclosed?

An attacker will likely use the following steps to launch an attack: Reconnaissance, scanning, exploitation, creating back doors, and covering tracks. Threat modeling should take this into account.

Companies that are winning the war against cyberattacks are those with an approach not to tackle the most likely risk, but the risk with the highest impact.

Industrial threat modeling should start with perimeter security. Is engineering access strongly secured with an IPsec tunnel? Do I have any modems connected for remote dial-up access? If so, do I have identity management in place? Modems can be easily detected by a war-dialing attack and listening for a modem on the other end. Industrial threat modeling should then look at the next layer – the Ethernet switches and routers. Do I have MAC security enabled? Are my firewall rules adequate? Do we have an Intrusion Detection System (IDS) in place?

Review logs often! Review not only the denied login attempts, but also the accepted logins. Why did John Smith log into the network at 2am?

Finally, industrial threat modeling should look the end devices. Are you using default or known factory admin passwords? Who can access the devices? Do you have a proxy in place that allows or denies users to access the device?

Microteknix LLC | Pottstown, PA 19465