1.5 Explain different threat actors, vectors, and intelligence sources Flashcards
What are Actors and threats?
Actors and threats refer to the various entities and risks that can compromise the security of a system or organization, including individuals, groups, and malicious activities.
What term describes the various entities and risks that can compromise the security of a system or organization?
Actors and threats
What is an Advanced persistent threat (APT)?
An Advanced persistent threat (APT) is a sophisticated and stealthy cyber attack carried out by highly skilled threat actors over an extended period, often targeting specific organizations or industries.
What term describes a sophisticated and stealthy cyber attack carried out by highly skilled threat actors over an extended period?
Advanced persistent threat (APT)
What are Insider threats?
Insider threats are security risks posed by individuals within an organization who misuse their access, knowledge, or privileges to compromise the organization’s security or data.
What term describes security risks posed by individuals within an organization who misuse their access or privileges?
Insider threats
What are State actors?
State actors are government-sponsored or affiliated entities that conduct cyber operations for political, economic, or military purposes, often targeting other nations or organizations.
What term describes government-sponsored or affiliated entities conducting cyber operations for political or military purposes?
State actors
What are Hacktivists?
Hacktivists are individuals or groups who use hacking techniques for politically or socially motivated purposes, such as activism, protest, or ideological advocacy.
What term describes individuals or groups who use hacking techniques for politically or socially motivated purposes?
Hacktivists
What are Script kiddies?
Script kiddies are individuals with limited technical skills who use pre-packaged hacking tools or scripts to conduct cyber attacks without understanding the underlying technology or vulnerabilities.
What term describes individuals with limited technical skills who use pre-packaged hacking tools to conduct cyber attacks?
Script kiddies
What are Criminal syndicates?
Criminal syndicates are organized groups engaged in illegal activities, including cybercrime, such as hacking, identity theft, fraud, and other financially motivated offenses.
What term describes organized groups engaged in illegal activities, including cybercrime?
Criminal syndicates
What are Hackers?
Hackers are individuals with advanced technical skills who use their knowledge to penetrate computer systems or networks for various purposes, including security testing, activism, or criminal activities.
What term describes individuals with advanced technical skills who penetrate computer systems for various purposes?
Hackers
What is Authorized access?
Authorized access refers to permissions granted to users or entities to access specific resources or perform certain actions within a system or organization, based on their roles or privileges.
What term describes permissions granted to users or entities to access specific resources within a system?
Authorized access
What is Unauthorized access?
Unauthorized access refers to attempts to gain access to resources or systems without proper authorization or permission, often constituting a security breach or violation of policies.
What term describes attempts to gain access to resources or systems without proper authorization?
Unauthorized access
What is Semiauthorized access?
Semiauthorized access refers to access granted to users or entities beyond their normal privileges or roles, often resulting from misconfigurations, vulnerabilities, or exploitation of access controls.
What term describes access granted to users beyond their normal privileges or roles?
Semiauthorized access
What is Shadow IT?
Shadow IT refers to the use of unauthorized or unapproved hardware, software, or services within an organization, often by individual employees or departments without oversight or IT approval.
What term describes the use of unauthorized or unapproved hardware, software, or services within an organization?
Shadow IT
What are Competitors?
Competitors are rival individuals, companies, or organizations operating in the same market or industry, who may engage in espionage, cyber attacks, or other tactics to gain competitive advantage.
What term describes rival individuals, companies, or organizations operating in the same market?
Competitors
What are Attributes of actors?
Attributes of actors refer to the characteristics or traits associated with individuals, groups, or entities involved in cyber threats or attacks, including their internal/external nature, sophistication, resources, and motivations.
What term describes the characteristics associated with individuals, groups, or entities involved in cyber threats?
Attributes of actors
What is Internal/external?
Internal/external refers to whether an actor operates from within the target organization or externally, often influencing their level of access, visibility, and potential impact.
What term describes whether an actor operates from within the target organization or externally?
Internal/external
What is Level of sophistication/capability?
Level of sophistication/capability refers to the technical expertise, skills, and resources possessed by threat actors, influencing their ability to carry out complex or advanced cyber attacks.
What term describes the technical expertise and resources possessed by threat actors?
Level of sophistication/capability
What are Resources/funding?
Resources/funding refers to the financial, technological, or human resources available to threat actors to conduct cyber attacks, influencing the scale, scope, and effectiveness of their operations.
What term describes the financial, technological, or human resources available to threat actors?
Resources/funding
What is Intent/motivation?
Intent/motivation refers to the goals, objectives, or reasons driving the actions of threat actors, such as financial gain, political ideology, espionage, sabotage, or revenge.
What term describes the goals or reasons driving the actions of threat actors?
Intent/motivation
What are Vectors?
Vectors refer to the different methods or pathways used by threat actors to launch cyber attacks or infiltrate target systems, including direct access, wireless, email, and social engineering.