Classifying Threats Flashcards
A threat that can be identified using basic signature or pattern matching
Known Threats
Malware
Any software intentionally designed to cause damage to a computer, server,
client, or computer network
A piece of software, data or sequence of commands that takes advantage of
a vulnerability to cause unintended behavior or to gain unauthorized access
to sensitive data
Documented Exploits
A threat that cannot be identified using basic signature or pattern matching
Unknown Threats
An unknown exploit in the wild that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong
Zero-day Exploit
Malicious code whose execution the malware author has attempted to hide
through various techniques such as compression, encryption, or encoding to
severely limit attempts to statically analyze the malware
Obfuscated Malware Code
A malware detection method that evaluates an object based on its intended
actions before it can actually execute that behavior
Behavior-based Detection
Refers to the process of combining and modifying parts of existing exploit code to
create new threats that are not as easily identified by automated scanning
Recycled Threats
A classification of malware that contains obfuscation techniques to circumvent
signature-matching and detection
Known Unknowns
A classification of malware that contains completely new attack vectors and
exploits
Unknown Unknowns
A type of threat actor that is supported by the resources of its host country’s
military and security services
Nation-state Actor
A type of threat actor that uses hacking and computer fraud for commercial gain
Organized Crime
A type of threat actor that is motivated by a social issue or political cause
Hacktivist
A type of threat actor who has been assigned privileges on the system and causes an intentional or unintentional incident.
Insider threats can be either intentional or unintentional
Insider Threat
A threat actor who conducts an attack with a specific purpose
Intentional
A threat actor that causes a vulnerability or exposes an attack vector without malicious intent
Shadow IT is a form of unintentional insider threat
Unintentional
Malicious software applications that are widely available for sale or easily obtainable and usable
Commodity Malware
A vulnerability that is discovered or exploited before the vendor can issue a patch to fix it
Zero-day Vulnerability
An attacker’s ability to obtain, maintain, and diversify access to network systems
using exploits and malware
Advanced Persistent Threat (APT)
An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets
Command and Control (C2)