*I. Practitioners who rely on others to develop the malicious code, delivery mechanisms, and execution strategy (use known exploits).
*II. Practitioners with a greater depth of experience, with the ability to develop their own tools (from publicly known vulnerabilities).
*III. Practitioners who focus on the discovery and use of unknown malicious code, are adept at installing user and kernel mode root kits, frequently use data mining tools, target corporate executives and key users (government and industry) for the purpose of stealing personal and corporate data with the expressed purpose of selling the information to other criminal elements.
*IV. Criminal or state actors who are organized, highly technical, proficient, well-funded professionals working in teams to discover new vulnerabilities and develop exploits.
*V. State actors who create vulnerabilities through an active program to “influence” commercial products and services during design, development or manufacturing or with the ability to impact products while in the supply chain to enable exploitation or networks and systems of interest.
*VI. States with the ability to successfully execute full spectrum (cyber capabilities in combination with all of their military and intelligence capabilities) operations to achieve a specific outcome in political military and etc. domains and apply at scale.
The full attribution report has been published in its entirety in the Red Sky Alliance portal. For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or firstname.lastname@example.org.
About Wapack Labs
Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber. Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information. The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.