At Intel, we pay close attention to the types of attackers who might target our assets, areas where they are active, and trends and developments in their methods. This approach enables our designers and defenders to better allocate finite defensive resources in the most effective manner. We have developed a comprehensive threat taxonomy and Reference Threat Agent Library in use at not only Intel, but also numerous organizations such as the European Network and Information Security Agency (ENISA), The National Australia Bank, and the U.S. Department of Homeland Security.
Now we are adding an important update to our threat taxonomy. The new parameter, Motivation, describes what causes a threat agent archetype (such as organized crime boss or nation-state cyberwarrior) to commit harmful acts. Heavily researched and developed over a year by Intel's Threat Agent Analysis Group, it is a significant maturation of the concept first proposed in our Threat Agent Risk Assessment (TARA) methodology. Understanding threat agent motivation helps indicate the nature of the expected harmful action. We believe this is the best, most comprehensive set of motivational descriptors of adversaries available today.