1.3 Explain Threat Actorsd Flashcards
Threat Actor
A threat actor is the person of entity who is responsible for causing or controlling any security-violating incident experienced by an organization or individual.
Script Kiddies
Script kiddies are threat actors who are less knowledgable than a professional skilled actor. They usually unable to program their own attack tools and many may not understand exactly what how the attack operates.
Hacktivist
Someone who uses their hacking skills for a cause or purpose. A hacktivist commits criminal activities to further their cause.
APT
Advance persistent threat is any form of cyberattacks that is able to continually exploit a target over a considerable period of time. AN ATP often takes advantage of flaws not publicly known or tries to maintain stealth throughout the attack
Risk presented by insiders
One
Understand how organized crime is involved in cybercrime.
Organized crime is involved in cybercrime activities because it is yet another area of exploitation that may allow them to gain access, power, or money.
Understand how nation-states are using cyberattacks.
Most nation-states are now using cyberattacks as yet another weapon in their arsenal against their real or perceived enemies, whether internal or outside their borders.
risks presented by competitors.
While it is widely known that such actions are illegal, many organizations still elect to perform corporate espionage and sabotage against their competition.
risks presented by internal and external threat actors.
Threats can originate from inside your organization as well as outside. All too often, companies focus most of their analysis and security deployment efforts on external threats without providing sufficient attention to the threats originating from inside.
Understand threat actors’ level of sophistication.
Threat actors can vary greatly as to their skill level and level of sophistication. Some attackers are highly trained professionals who are applying their education to malicious activities, whereas others are simply bad guys who learned how to perform cyberattacks just to expand their existing repertoire.
Know how threat actors access resources and funding.
Some threat actors are well funded with broad resources; others are not. Some threat actors self-fund, whereas others find outside investors or paying customers. Self-funded threat actors might highjack or use advertisement platforms to obtain funds; others may use ransomware to extort money from their victims.
Understand threat actors’ intent and motivation.
The intent or motivation of an attacker can be unique to the individual or may be similar to your own. Some attackers are motivated by the obvious benefits of money and notoriety. Others attack from boredom or just to prove to themselves that they can.
Understand open-source intelligence.
Open-source intelligence is the gathering of information from any publicly available resource. This includes websites, social networks, discussion forums, file services, public databases, and other online sources. It also includes non-Internet sources, such as libraries and periodicals.
