Synthetic APTs: the Collapse of TTP-Based Attribution

Francesco Balassone,Víctor Mayoral-Vilches,María Sanz-Gómez,Paul Zabalegui-Landa,Stefan Rass,Davide Quarta,Daniel Sanchez-Prieto,Marina Oteiza-Álvarez,Almerindo Graziano,Lauren Min Kim,MinSeok Choi

Cyber Threat Intelligence CTI attribution relies on identifying the Tactics, Techniques, and Procedures TTPs that distinguish one threat actor from another. This approach presupposes that each adversary leaves a recognizable operational fingerprint. This work investigates whether AI driven adversary emulation challenges that presupposition. We deploy agents from our Cybersecurity SuperIntelligence CSI framework, configured as five Advanced Persistent Threat APT groups, APT28, APT29, APT41, APT44, and Lazarus Group, against AI driven Defender agents across two cyber ranges provided by CYBER RANGES, equipped with defensive software Wazuh, Velociraptor, Elasticsearch and active AI driven defenders: an enterprise network and a military infrastructure. Across 20 experiments using two defender models, a binary pattern emerges: all 10 Enterprise range experiments resulted in compromise 2 to 12 hosts per experiment, while all 10 Military range experiments were successfully defended or resulted in stalemates, regardless of APT profile or defender model. In 8 of 10 Enterprise experiments, attackers independently weaponized the defender's own Velociraptor endpoint management platform as a command and control channel, a convergent behavior not encoded in any threat intelligence profile. We argue that in the AI era, wherein agents can be deployed provided the right models are available and subject to the right scaffolding and agentic configuration, the entry barrier for operating like a nation state APT collapses: beyond nation states, individuals can now act like commonly identified threat actors, and with it, fundamentally undermine TTP based attribution.

翻译：网络威胁情报（CTI）归因依赖于识别区分不同威胁行为者的策略、技术与程序（TTP）。该方法预设每个攻击者会留下可辨识的操作指纹。本研究探讨人工智能驱动的攻击者模拟是否挑战了这一预设。我们部署来自网络安全超级智能（CSI）框架的智能体，将其配置为五个高级持续性威胁（APT）组织——APT28、APT29、APT41、APT44及Lazarus Group，与由CYBER RANGES提供的两个网络靶场中的人工智能驱动防御者智能体对抗，这些靶场配备防御软件Wazuh、Velociraptor、Elasticsearch及主动AI防御者：企业网络与军事基础设施。通过20次采用两种防御模型的实验，出现了一个二元模式：所有10次企业网络实验均导致入侵，每实验感染2至12台主机；而所有10次军事网络实验均被成功防御或形成僵局，且与APT类型或防御模型无关。在10次企业网络实验的8次中，攻击者独立地将防御者自身的Velociraptor端点管理平台武器化为命令与控制信道——这是一种未编码在任何威胁情报档案中的趋同行为。我们认为，在人工智能时代，只要具备正确模型、适当框架及智能体配置即可部署智能体，使国家行为体级别的APT操作门槛崩溃：超越国家层面，个体现在可模仿常见威胁行为者活动，由此从根本上瓦解基于TTP的归因。