Figure 1.1This attack tree diagram shows basic attacker options for compromising a public WiFi hotspot. The diagram assumes an opportunistic attacker who is not targeting a specific victim, although these methods could be combined with others if a specific victim or victim type is being targeted.
Figure 1.2This attack tree diagram shows basic attacker options for setting up a spearphishing attack. The diagram assumes a focused attacker who is targeting a specific victim or specific type of victim. For example, victims with a common interest could be targeted (e.g., sports fans looking for World Cup, Olympics, or other information updates or links). Spearphishing techniques have be been used in many high-profile, successful attacks (e.g., Sony Playstation, RSA SecurID). Sadly, spearphishing email messages even may appear to be from the National Center for Missing and Exploited Children (per the FBI).
Figure 1.3This attack tree diagram shows sample basic attacker options for gaining access to a secured medical environment by first compromising common patient monitoring devices and using them as a back door into the network. Once inside the trusted network (in which instrument traffic is not effectively segregated), the attacker can perform other reconnaissance, capture credentials, deploy malware like ransomware, extrude high-value medical record information (worth 10–20 times more than credit card information), connect to an external command and control server. Many devices, such as blood gas analyzers or infusion pumps, were not designed and manufactured with security in mind and have limited, if any, patching potential. *PACS, Picture Archive and Communications System (used for images captured by various devices in different departments.
