REVISITING KNOWN PERPS: BEHAVIORAL PROFILING FOR CONTINUOUS MONITORING OF THREAT ACTORS

Juan Andrés Guerrero-Saade, Chronicle

Threat actor profiling is traditionally based on governmental and militaristic frameworks that suffer from cognitive biases regarding the type of adversaries we may encounter. The byproduct of that doctrinarian thinking is a rigid idea of threat actors that doesn’t reflect their adaptability, propensity to change, and the lasting nature of the threats they pose. Rather than obsessing over what sort of nation-state institution is at the other side of the keyboard, let’s instead build profiles based on discernible operational and developmental traits akin to criminal behavioral profiling. The output will not only help inform how defenders should model their risk and expend their limited resources, but it’ll also remain responsive to the inevitable changes observed in threat actors over time.  Let’s focus on how that shift in perspective tangibly affects the output of our investigations, allowing for collaborative research into adversary campaigns that will outlast fever-pitch publication cycles and the headlines they produce. It’s time to revisit known perps and repeat offenders for a second opinion.