Threat model matrix outlining cyber threat models from basic actors to nation-state level threats, illustrating the evolving landscape of expertise and scale upgrade from AI systems.
| Model Uplift / Actor Expertise | Expertise Upgrade | Scale Upgrade | 3rd Party Tool Creation |
|---|---|---|---|
| Non-Technical | Causing harm given access | Information hazard: Cyber as a potential method to cause harm | Accessibility to current SOTA capabilities |
| Technical non-expert | Run end to end attack | Information hazard: Cyber as a potential method to cause harm | Automated Attack Tool |
| Niche Expert (e.g. cyber crime org) | Hardened targets | Spear-phishing at scale / scaling cyber crime | Automated Attack Tool |
| Cybersecurity Expert | Running an APT | Lead / target identification/ prioritization | Automated Attack Tool |
| Nation-state level | Genuinely novel threat vectors | Massive scaling for Nation-state APTs | Automated Attack Tool |
| AI Model (Model autonomy) | AI model self-improvement | Autonomous Replication |
Pattern Labs Threat Models © 2024 by Pattern Labs Tech Inc. is licensed under CC BY-NC-ND 4.0.
@misc{pl-threat2024,
title={Threat Models},
author={Pattern Labs},
year={2024},
howpublished={\url{https://patternlabs.co/blog/threat-models}},
}