Attack modes and methods

Attack modes and methods, sometimes referred to as Tactics, Techniques, and Procedures (TTPs), are representations of how cyber adversaries behave. They characterize what these adversaries do and how they do it, in increasing levels of detail.

For example, an attack mode/method might be to use malware to steal credit card credentials. Or another, related tactic (at a lower level of detail) might be to send targeted emails with attachments that contain malicious code, which executes upon opening, captures credit card information from keystrokes, and uses http to communicate with a command and control server to transfer information.