Threat Modeling: Understanding Threat Actors
Attacks generally fall into two categories: opportunistic and focused (or targeted). Understanding this spectrum is crucial for crafting your defense.
The Opportunistic Attack: The Digital Drive-by
Not personal, but feels personal
Attacker sees a vulnerability and strikes
Example: Mass phishing emails, random malware
Defense: Be a hard target. Good practices deter these attackers.
The Focused Attack: The Digital Stalker
Specifically targeting you
Involves planning, recon, possibly surveillance
Danger: Adaptability. They'll change tactics to breach your defenses.
Defense: Vigilance and defense-in-depth
Profiling Your Digital Adversaries
Attackers aren't just "hackers." They range from script kiddies to nation-states, categorized by skill and focus:
Level I: The Digital Playground Bully
Minimal skill, minimal knowledge of you
Examples: Wi-Fi sniffers, shoulder-surfers at ATMs
Attacks: Purely opportunistic
Defense: Basic security practices (the "common sense" we mentioned)
Level II: The Skilled Burglar or the Vengeful Ex
Either skilled OR has personal knowledge
Examples: Advanced burglar, tech-savvy ex
Attacks: Opportunistic or targeted
Defense: Good practices deter them, but personal knowledge is a risk
Level III: The Professional Threat
Skilled AND patient enough to gather info
Examples: Pro criminals, sophisticated hackers
Attacks: Opportunistic or targeted, but more advanced
Defense: High-level security, constant best practices, situational awareness
Level IV: The Digital Hitman
Called "Advanced Persistent Threats" (APTs)
Examples: Nation-states, elite hacker groups
Attacks: Highly targeted, infinitely patient, extremely sophisticated
Defense: Time is their ally. Focus on detection and making their job harder.
The Million-Dollar Questions of Threat Modeling
What's the Likelihood of Being Targeted?
Not just "will I be attacked," but "how attractive a target am I?" This depends on:
Your digital assets (crypto, sensitive data)
Your public profile (influencer, executive)
Your associations (do you know high-value targets?)
Who Is My Digital Adversary?
Beyond just "hackers," think:
Their resources (a bored teen or a funded group?)
Their motivation (money, ideology, personal vendetta?)
Their capabilities (script kiddie or APT?)
What's Their Window of Opportunity?
When are you most vulnerable? Late-night tweets? Public Wi-Fi use?
Where are you exposing data? Work laptop at a coffee shop?
How long do they have? A quick smash-and-grab or long-term surveillance?
The Hardest Question: How Do They See Me?
Are you a "soft target" with weak passwords?
Or a "hard target" with 2FA, encryption, and savvy?
This perception changes. That old forum account you forgot? It could make you soft.
Understanding your adversaries—their motives, methods, and opportunities—is key to crafting a defense that's more than just a VPN and a strong password.
Privacy is about understanding who's looking, why they're looking, and making sure that when they look at you, all they see is another face in the crowd.