In the fight against cybercrime, attackers keep inventing new ways to bypass security controls and to frustrate threat hunting. Defenders, ethical hackers among them, respond by deploying countermeasures and hardening their infrastructure to keep attackers out. As a result, threat modeling has become an increasingly important discipline in cybersecurity.
What is security threat modeling?
Threat modeling is the structured process of identifying, assessing, and mitigating risks in order to improve the security of a network or application. A threat is any event or actor that could exploit a vulnerability in a system to cause harm, such as gaining unauthorized access. When modeling threats, three elements are considered:
- Assets: the things of value that an attack could compromise, such as data, credentials, services, and the infrastructure that hosts them
- Threats: the adverse events or actors that could exploit a vulnerability to harm an asset
- Vulnerabilities: weaknesses in the system that a threat could exploit
How do you make a threat model?
Step 1: Identify security objectives.
Step 2: Identify assets and external dependencies.
Step 3: Identify trust zones and the boundaries between them.
Step 4: Identify potential threats and vulnerabilities.
Step 5: Document the threats, their ratings, and the planned mitigations.
Why Is Threat Modeling important?
The purpose of threat modeling is to manage risk by assessing the potential damage an attack could cause and prioritizing remediation. It is an important part of any security testing program: it helps ethical hackers identify, manage, and communicate the risks that could affect a system.
Several threat models are used to defend against cyber-attacks. In this article, we focus on three of them: STRIDE, DREAD, and PASTA.
STRIDE is a threat model developed by Microsoft that helps security practitioners categorize threats into six classes:
- Spoofing: an attacker pretends to be another user or system, for example by forging a source address or reusing a stolen session token
- Tampering: unauthorized modification of data or code, whether in transit or at rest
- Repudiation: a user denies having performed an action and the system cannot prove otherwise; the countermeasure is non-repudiation, typically provided by authenticated audit logging
- Information disclosure: sensitive information is exposed to someone who is not authorized to see it
- Denial of service: an attacker makes a service unavailable to legitimate users, for example by flooding a server with more traffic than it can handle, sometimes to extort money from the organization
- Elevation of privilege: an attacker who has gained limited access obtains capabilities beyond what they were granted, for example an ordinary user acquiring administrator rights
DREAD is another model created by Microsoft, in this case to rate the severity of a threat so that threats can be prioritized. Each threat is scored on a numeric scale (commonly 1 to 10) in five categories, and the scores are averaged to produce the overall rating. The ratings are subjective, so a team should agree on scoring criteria before using them to compare threats:
- Damage potential: how much harm the threat could do to the system if it were realized
- Reproducibility: how reliably an attacker can reproduce the attack
- Exploitability: how much effort, skill, or access the attack requires
- Affected users: how many users would be affected by a successful attack
- Discoverability: how easy it is for an attacker to discover the vulnerability
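The following is an added example, not code from the original article or from Microsoft: it walks the five-step procedure above on a hypothetical three-tier web application, enumerates threats per element with Microsoft's STRIDE-per-element mapping, and ranks them with DREAD averages. The system (browser, web app, session cache, customer database), its trust zones, and the analyst ratings are all constructed assumptions for illustration.

```python
"""Added example: a minimal threat model along the five steps above, with
STRIDE-per-element enumeration (step 4) and a DREAD-ranked register (step 5).
System names, zones and ratings are constructed, not a real assessment."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Microsoft's STRIDE-per-element mapping: which of the six classes are
# relevant to each kind of element in a data-flow diagram.
STRIDE_PER_ELEMENT: Dict[str, List[str]] = {
    "external_entity": ["Spoofing", "Repudiation"],
    "process": ["Spoofing", "Tampering", "Repudiation",
                "Information disclosure", "Denial of service",
                "Elevation of privilege"],
    # Repudiation is listed for stores because they may hold audit logs.
    "data_store": ["Tampering", "Repudiation",
                   "Information disclosure", "Denial of service"],
    "data_flow": ["Tampering", "Information disclosure", "Denial of service"],
}

DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # key of STRIDE_PER_ELEMENT
    zone: str   # trust zone the element lives in (step 3)


@dataclass(frozen=True)
class Flow:
    src: Element
    dst: Element
    protocol: str

    @property
    def name(self) -> str:
        return f"{self.src.name} -> {self.dst.name} ({self.protocol})"

    def crosses_boundary(self) -> bool:
        return self.src.zone != self.dst.zone


def enumerate_threats(elements: List[Element],
                      flows: List[Flow]) -> List[Tuple[str, str]]:
    """Step 4: one (target, STRIDE class) pair per applicable class.
    Flows that stay inside one trust zone are skipped: only data that
    crosses a boundary is analysed here."""
    threats = [(e.name, cat) for e in elements
               for cat in STRIDE_PER_ELEMENT[e.kind]]
    threats += [(f.name, cat) for f in flows if f.crosses_boundary()
                for cat in STRIDE_PER_ELEMENT["data_flow"]]
    return threats


def dread_score(rating: Dict[str, int]) -> float:
    """DREAD: each factor rated 1..10, the risk is the average of the five."""
    missing = set(DREAD_FACTORS) - set(rating)
    if missing:
        raise ValueError(f"unrated DREAD factors: {sorted(missing)}")
    if any(not 1 <= rating[f] <= 10 for f in DREAD_FACTORS):
        raise ValueError("DREAD factors must be integers from 1 to 10")
    return sum(rating[f] for f in DREAD_FACTORS) / len(DREAD_FACTORS)


def threat_register(threats: List[Tuple[str, str]],
                    ratings: Dict[Tuple[str, str], Dict[str, int]]
                    ) -> List[Tuple[str, str, Optional[float]]]:
    """Step 5: the documented register, highest DREAD score first; threats
    nobody has rated yet sink to the bottom with score None."""
    rows = [(target, cat,
             dread_score(ratings[(target, cat)]) if (target, cat) in ratings
             else None) for target, cat in threats]
    return sorted(rows, key=lambda r: (r[2] is None, -(r[2] or 0)))


# Constructed sample model (steps 2 and 3): assets, zones and flows assumed.
browser = Element("Customer browser", "external_entity", "internet")
webapp = Element("Web app", "process", "dmz")
cache = Element("Session cache", "data_store", "dmz")
db = Element("Customer DB", "data_store", "internal")
ELEMENTS = [browser, webapp, cache, db]
FLOWS = [Flow(browser, webapp, "HTTPS"),
         Flow(webapp, cache, "TCP/6379"),   # same zone: not enumerated
         Flow(webapp, db, "TCP/5432")]

# Constructed analyst ratings (1..10 per factor) for three of the threats.
RATINGS = {
    ("Customer browser -> Web app (HTTPS)", "Information disclosure"):
        dict(damage=7, reproducibility=9, exploitability=8,
             affected_users=10, discoverability=9),
    ("Web app", "Elevation of privilege"):
        dict(damage=9, reproducibility=6, exploitability=5,
             affected_users=10, discoverability=7),
    ("Customer DB", "Tampering"):
        dict(damage=10, reproducibility=4, exploitability=3,
             affected_users=10, discoverability=4),
}

if __name__ == "__main__":
    register = threat_register(enumerate_threats(ELEMENTS, FLOWS), RATINGS)
    for target, cat, score in register:
        print(f"{score if score is not None else '-':>4}  {cat:<24} {target}")
```

Running the script prints the register with the rated threats first (the browser-to-web-app information disclosure at 8.6, the web app elevation of privilege at 7.4, the database tampering at 6.2) and the 19 unrated threats below them, which is the usual state of a first pass: enumeration is mechanical, rating is analyst work. The flow from the web app to the session cache produces no entries because both sit in the same trust zone; move the cache to another zone and three data-flow threats appear for it.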
PASTA stands for Process for Attack Simulation and Threat Analysis. It is a risk-centric framework with a dynamic threat-scoring process that combines business objectives with technical requirements to produce an asset-centric mitigation strategy, analyzing threats from the attacker's perspective. PASTA has seven stages:
- Define Objectives
- Define Technical Scope
- Application Decomposition
- Threat Analysis
- Vulnerability & Weaknesses Analysis
- Attack Modeling
- Risk & Impact Analysis
Threat modeling in ethical hacking is not limited to these three models; numerous others use different strategies to discover and mitigate risk. So why should you, as an ethical hacker, be familiar with threat modeling? It helps you discover and assess the threats that pose a risk to a network, gives you a step-by-step process for mitigating that risk, and buys you time to fix security flaws before they are exploited. Becoming a Certified Ethical Hacker (CEH) would arm you with the knowledge and skills to assess all sorts of threats to an organization and help mitigate those risks.