Persona non Grata is a war-gaming method for developing profiles of threat actors who could potentially target the organization. This method provides high-level insight into system design and the types of TTPs a threat actor may use when attempting an attack or intrusion on a network.
For this CRC Press News, we are using an example of a “crown jewels” database and discussing how a security team might apply the threat model examples to the protection of that database. PASTA looked at the various aspects of the database, including the technology stack, the business risks associated with uncertainties caused by events that may occur during the protection of the database, and how the intelligence cycle keeps a constant, and constantly evolving, security posture in place to proactively search for threats.
The Persona non Grata method provided an overview of just who might be interested in stealing the database files, what they might want to do with those files, and the potential sophistication levels of the threat actors.
These profiles help build an understanding of the primary threats to the organization and the tools those threats may employ to stage a potential attack.
A persona non grata (PnG) represents an archetypal user who behaves in unwanted, possibly nefarious ways.
However, like ordinary personas, PnGs have specific goals that they wish to achieve and specific actions that they may take to achieve those goals.
Modeling PnGs can therefore help us think about the ways in which a system might be vulnerable to abuse, and use this information to specify appropriate mitigating requirements.
The PnG approach makes threat modeling more tractable by giving modelers a specific focus: attackers, their motivations, and their abilities.
Once the attackers are modeled, the process moves on to targets and likely attack mechanisms.
PnG was the most focused TMM, showing the most consistent behavior across teams.
Personas are detailed descriptions of imaginary people constructed out of well-understood, highly specified data about real people.
Persona non grata: an unacceptable or unwelcome person.
Motivations: What are the PnG’s motivations?
Goals: How will the PnG fulfill their motivations, i.e. what do they want to do, and how do they plan to get away with it?
Skills: What abilities do they have to achieve their goal? What other assets do they have, e.g. access to infrastructure, or relationships with those who have the skills?
Misuse cases: What are the misuse cases the PnG can follow to achieve their goals?
Step 1: Discover domain-specific concepts
Step 2: Identify attack targets
Step 3: Visually display attack mechanisms
Step 4: Merge individual threats into new PnGs
Step 5: Check for redundancy
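The attribute template above (motivations, goals, skills, misuse cases) and Steps 4 and 5 in working form, as an added example that is not part of the original text: a constructed set of individual threats against a hypothetical crown-jewels database is merged into PnGs keyed by motivation and skill, redundant PnGs are detected, and misuse cases with no mapped mitigation are reported as open risk items. The threat rows, the two-level skill ranking and the mitigation map are assumed values.

```python
from dataclasses import dataclass, field

# Constructed input (not from the original text): individual threats found in
# Steps 1-3 against a hypothetical "crown jewels" database.
# Each row: (motivation, skill level, attack target, misuse case).
THREATS = [
    ("financial gain", "low",  "backup storage",    "download an exposed backup"),
    ("financial gain", "low",  "login portal",      "reuse leaked credentials"),
    ("financial gain", "high", "database server",   "exploit an unpatched service"),
    ("financial gain", "high", "backup storage",    "download an exposed backup"),
    ("espionage",      "high", "database server",   "exploit an unpatched service"),
    ("espionage",      "high", "admin workstation", "phish a database administrator"),
    ("revenge",        "low",  "login portal",      "reuse leaked credentials"),
]

# Mitigations the team has already mapped to misuse cases (constructed).
MITIGATIONS = {
    "download an exposed backup": "encrypt backups and restrict storage ACLs",
    "reuse leaked credentials": "require MFA on the login portal",
    "exploit an unpatched service": "patch SLA for the database host",
}

@dataclass
class PnG:
    motivation: str
    skill: str
    targets: set = field(default_factory=set)
    misuse_cases: set = field(default_factory=set)

def merge_threats(threats):
    """Step 4: fold individual threats into PnGs keyed by motivation and skill."""
    pngs = {}
    for motivation, skill, target, misuse in threats:
        png = pngs.setdefault((motivation, skill), PnG(motivation, skill))
        png.targets.add(target)
        png.misuse_cases.add(misuse)
    return list(pngs.values())

def find_redundant(pngs):
    """Step 5: PnG a is redundant with PnG b when every misuse case a can follow
    is already covered by b and b needs no more skill than a, so mitigating b's
    cases mitigates a's too. Returns (redundant, covering) pairs."""
    rank = {"low": 0, "high": 1}  # assumed two-level skill scale
    return [(a, b) for a in pngs for b in pngs
            if a is not b and a.misuse_cases <= b.misuse_cases
            and rank[b.skill] <= rank[a.skill]]

def unmitigated(pngs, mitigations):
    """Misuse cases across all PnGs with no mapped mitigation: the open risk items."""
    cases = set().union(*(p.misuse_cases for p in pngs))
    return sorted(c for c in cases if c not in mitigations)
```

With the constructed rows, the revenge-motivated low-skill PnG is flagged as covered by the financial-gain low-skill PnG, and phishing of the database administrator is reported as the one misuse case still lacking a mitigation.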
Features of Persona non Grata
Uses profiles of potential bad-guy attackers: analysis derives from anticipating what they would do given their defined goals and skills.
Helps identify relevant mitigation techniques
Direct contribution to risk management
Provides consistent results when used continuously
Detects only some subsets of threats
As a threat modeling method, Persona non Grata (PnG) focuses on the motivations and skills of human attackers.
It characterizes users as archetypes that can misuse the system and forces analysts to view the system from an unintended-use point of view.
It tends to detect only a certain subset of threat types.
This technique fits well with agile approaches, which already incorporate personas.
We could create a persona non grata with more specific attack strategies to expose vulnerability points of the product.