1.3 Explain threat actor types and attributes. Flashcards

1
Q

Threat actors and attributes• Also called a malicious actor

A

The entity responsible for an event that has
an impact on the safety of another entity
• Broad scope of actors
• And motivations vary widely
• Intelligence can come from everywhere
• Open source intelligence is a massive starting point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Script kiddies

A
Runs premade scripts without any knowledge of
what’s really happening
• Can be internal or external
• But usually external
• Not very sophisticated
• No formal funding
• Looking for low hanging fruit
• Motivated by the hunt
• Working the ego, trying to make a name
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Hacktivist

A
  • A hacker with a purpose
  • Social change or a political agenda
  • Often an external entity
  • Can be remarkably sophisticated
  • Very specific hacks
  • DoS, web site defacing, release of private documents, etc.
  • Funding is limited
  • Some organizations have fundraising options
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Organized crime

A

Professional criminals
• Motivated by money
• Almost always an external entity
• Very sophisticated
• Best hacking money can buy
• Crime that’s organized
• One person hacks, one person manages the exploits,
another person sells the data, another handles
customer support
• Lots of capital to fund hacking efforts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Nation states / APT

A
• Governments
• National security, job security
• Always an external entity
• Highest sophistication
• Military control, utilities, financial control
• United States and Israel destroyed 1,000 nuclear
centrifuges with the Stuxnet worm
• Constant attacks
• Advanced Persistent Threat (APT)
• Massive resources available
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Insiders

A

More than just passwords on sticky notes
• Some insiders are out for no good
• Sophistication may not be advanced,
but the insider has institutional knowledge
• Attacks can be directed at vulnerable systems
• The bad guy knows what to hit
• Extensive resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Competitors

A
  • Many different motivations
  • DoS, espionage, harm reputation
  • High level of sophistication
  • The competitive upside is huge (and very unethical)
  • Many different intents
  • Shut down your competitor during an event
  • Steal customer lists
  • Corrupt manufacturing databases
  • Take financial information
How well did you know this?
1
Not at all
2
3
4
5
Perfectly