1.5Threat actor types and attributes Flashcards
Script kiddies
A person who uses preexisting code and scripts to hack into machines, because they lack the expertise to write their own
Hactivist
Anindividual who is someone who misuses computer systems for a socially or politically motivated agenda, they have no roots in the hacker culture and ethics. Hacker on a mission.
Organized crime
These are professionals motivated ultimately by profit. they have enough money to buy the best gear and tech. Multiple people perform specific toles: gathering data, managing exploits, and one who actually writes the code
Nation States/APT
an APT is an advanced persistent threat, these are massive security risks that can cost companies and countries millions of dollars. Nation states have very sophisticated hacking teams that can target the security of other nations. They often attack military organizations or large security sites, they also frequently attack power plants
Insiders
Someone who is inside the company who has intricate knowledge of the company and how its network works. They can pinpoint a specific vulnerability and may even have access to multiple parts of the network
Competitors
Rival companies, can bring down your network or steal information through espionage.
Internal/External
Internal is inside the company and can be intentional, unintentional, or social reasons. External is someone outside the company trying to get in
Level of sophistication
Is the skill of the hacker and the complexity of the attack
Resources/funding
The amount of money and the value of the tech and gear being used
Intent/motivation
The reason for the attack, can be for political, monetary, or social reasons
Use of open source intelligence(OSINT)
Data that is collected through publicly available information. This can be used to help make decisions. Can be used by threat actors to help find their next target or how to best attack their target. OSINT is also incredibly helpful for mitigating risks and identifying new threat actors
