Chapter 2 Flashcards
What are the attributes of threat actors?
- internal/external
- sophistication/capability
- resources/funding.
What is the difference between internal and external threat actors?
Internal actors have legitimate access; external actors must break into a system without permission.
What does sophistication/capability refer to?
It describes the threat actor’s ability to use advanced tools and techniques
What does resources/funding mean in relation to threat actors?
It refers to the financial/logistical support needed for tools
What are common motivations of threat actors?
- service disruption
- data exfiltration
- disinformation
- revenge
- financial gain
- political agendas.
What are the three primary strategies used by threat actors?
The three strategies are service disruption
How do threat actor strategies impact the CIA triad?
Data exfiltration compromises confidentiality
What is the goal of service disruption?
To prevent an organization from working normally
What is data exfiltration?
It is the unauthorized copying or transfer of valuable information from a system or network.
What is disinformation?
Disinformation involves falsifying trusted resources like websites or spreading false information via social media.
What are chaotic motivations?
Early attacks aimed to cause chaos for fun or credit; modern chaos-driven attacks often further political or revenge motives.
What are financial motivations?
Threat actors commit blackmail
What is blackmail in cybersecurity?
Blackmail involves demanding payment to prevent the release of stolen or falsified information.
What is extortion?
Extortion involves demanding payment to stop or prevent an attack
What is fraud in cybersecurity?
Fraud involves falsifying records
What are political motivations for threat actors?
These include whistleblowing
What is cyber espionage?
Cyber espionage involves stealing secrets for political
What is a whistleblower?
A whistleblower releases confidential information due to ethical concerns
What are the main types of threat actors?
Hackers
What is a hacker?
A hacker is an individual skilled in gaining unauthorized access to systems; they can be unauthorized (malicious) or authorized (ethical).
What is an unskilled attacker?
An unskilled attacker uses hacking tools without fully understanding them
Who are hacker teams and hacktivists?
Groups like Anonymous or WikiLeaks use cyberattacks to promote political or social agendas.
Who are nation-state actors?
Government-sponsored groups that use cyberattacks for military
What is an advanced persistent threat (APT)?
An APT is a long-term
How do nation-state actors use false flags?
They pose as independent groups or hacktivists to disguise their involvement in cyberattacks.
What role does organized crime play in cyber threats?
Organized crime commits financial fraud
How can competitors pose a cyber threat?
Rogue businesses may perform espionage
What is an internal threat actor?
An internal threat actor is someone within an organization (e.g.
What motivates internal threat actors?
Revenge
What is shadow IT?
Shadow IT refers to unauthorized hardware or software introduced into an organization
What is an unintentional insider threat?
It involves mistakes
What is the CIA triad?
The CIA triad refers to the principles of Confidentiality
