ta02_(supply_chain_insider)
TA02 (Supply Chain/Insider) is a threat actor designation used in an AI/LLM threat-modeling scenario to represent a supply-chain or insider adversary targeting the training pipeline. In the provided scenario, this actor conducts data poisoning against the fine-tuning dataset by injecting malicious examples into financial-domain training data. The described objective is to implant unsafe model behaviors, such as leaking account numbers when specific trigger phrases appear or approving unauthorized transactions under certain conditions. The content notes that because fine-tuning data may be sourced from customer interactions and third-party financial datasets, poisoned samples can persist undetected. This actor is associated with threat scenario TS02, assessed as CRITICAL risk, and targets asset A03 (Training Pipeline). No additional aliases, sub-groups, or nation-state attribution are provided in the content beyond the alias/name TA02 (Supply Chain/Insider).
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.