They start to look for certain vulnerabilities inside the Group community which they could exploit including programs, goal networks, and so forth., and begin indicating/mapping out the regions wherever they're able to make the most. As soon as they correctly recognize which defenses are in place, they pick which weapon https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network
