Objective 2.1 Flashcards

Compare and contrast common threat actors and motivations.

1
Q

An individual or entity responsible for incidents that impact security and data protection.

A

Threat Actor

2
Q

Specific characteristics or properties that define and differentiate various threat actors from one another.

A

Threat Actor Attributes

3
Q

Types of Threat Actors

A
  • Unskilled Attackers
  • Hacktivists
  • Organized Crime
  • Nation-state Actors
  • Insider Threats
4
Q

[Threat Actors] Individuals with limited technical expertise who use readily available tools like downloaded scripts or exploits to carry out attacks.

A

Unskilled Attackers

5
Q

[Threat Actors] Well-structured groups that execute cyberattacks for financial gain, usually through methods like ransomware, identity theft, or credit card fraud.

A

Organized Crime

6
Q

[Threat Actors] Cyber attackers who carry out their activities driven by political, social, or environmental ideologies who often want to draw attention to a specific cause.

A

Hacktivists

7
Q

[Threat Actors] Highly skilled attackers that are sponsored by governments to carry out cyber espionage, sabotage, or cyber warfare against other nation states or specific targets in a variety of industries.

A

Nation-state Actors

8
Q

[Threat Actors] Security threats that originate from within the organization.

A

Insider Threats

9
Q

IT systems, devices, software, applications, and services that are managed and utilized without explicit organizational approval.

A

Shadow IT

10
Q

Refers to the specific objective or goal that a threat actor is aiming to achieve.

A

Threat Actor Intent

11
Q

Underlying reasons or driving forces that push a threat actor to carry out the attack.

A

Threat Actor Motivation

12
Q

These below are types of threat actor… ?

  • Data Exfiltration
  • Philosophical or Political Beliefs
  • Blackmail
  • Ethical Reasons
  • Espionage
  • Revenge
  • Service Disruption
  • Disruption or Chaos
  • Financial Gain
  • War
A

Threat Actor Motivations

13
Q

Unauthorized transfer of data from a computer.

A

Data Exfiltration

14
Q

Examples of data exfiltration purposes

A
  • Selling it on the dark web
  • Using it for identity theft
  • Leveraging it for a competitive advantage
15
Q

One of the most common motivations for cybercriminals.

A

Financial Gain

16
Q

Examples of Financial Gains motivation attacks

A
  • Ransomware Attacks
  • Banking Trojans
17
Q

The attacker obtains sensitive or compromising information about an individual or an organization and threatens to release this information to the public unless certain demands are met.

A

Blackmail

18
Q

Examples of cyber blackmail motivation attacks

A
  • Ransomware
  • Doxxing
  • Sextortion
19
Q

Often achieved by conducting a Distributed Denial of Service (DDoS) attack to overwhelm a network, service, or server with excessive amounts of traffic so that it becomes unavailable to its normal users.

A

Service Disruption

20
Q

Individuals or groups use hacking to promote a political agenda, social change, or to protest against organizations they perceive as unethical.

A

Philosophical or Political Beliefs

21
Q

Also known as Authorized hackers, are motivated by a desire to improve security.

A

Ethical Reasons

22
Q

Examples of Ethical Reasons attack Actors

A
  • Pentesters
  • Bounty hunters
23
Q

An employee who is disgruntled, or one who has recently been fired or laid off, might want to harm their current or former employer by causing a data breach, disrupting services, or leaking sensitive information.

A

Revenge

24
Q

These actors, often referred to as Unauthorized hackers, engage in malicious activities for the thrill of it, to challenge their skills, or simply to cause harm.

A

Disruption or Chaos

25
Q

Involves spying on individuals, organizations, or nations, to gather sensitive or classified information.

A

Espionage

26
Q

Cyber espionage motivations

A
  • National security interests (conducted by a nation-state)
  • Gain competitive business intelligence (conducted by a rival company)
  • Gain political strategic advantage (conducted by hacktivists or nation-state actors)
27
Q

Cyberattacks have increasingly become a tool for nations to attack each other both on and off the battlefield.

A

War

28
Q

Why is it important to understand the motivations behind the different types of threat actor?

A

To help formulate an effective defense against them.

29
Q

[Threat Actor Attributes] Individuals or entities within an organization who pose a threat to its security.

A

Internal Threat Actors

30
Q

[Threat Actor Attributes] Internal threat actors motivations

A
  • Revenge
  • Financial gain
  • Coercion by external entities
31
Q

[Threat Actor Attributes] Individuals or groups outside an organization who attempt to breach its cybersecurity defenses.

A

External Threat Actors

32
Q

[Threat Actor Attributes] Refers to the tools, skills, and personnel at the disposal of a given threat actor.

A

Resources and Funding

33
Q

[Threat Actor Attributes] Refers to their technical skill, the complexity of the tools and techniques they use, their ability to evade detection and countermeasures.

A

Level of sophistication and capability

34
Q

We usually classify lowest skilled threat actors as a ………. ?

A

Script Kiddies

35
Q

A threat actor that uses pre-made software or scripts to exploit computer systems and networks, often without understanding the underlying principles.

A

Script Kiddies

36
Q

Threat actors with high level of sophistication and capabilities possess advanced technical skills and use sophisticated tools and techniques.

A

Usually are:

  • Nation-state actors
  • Groups
  • Advanced Persistent Threats (APT Groups)
37
Q

[Threat Actor Attributes] Threat actors are classified based on their ….

A

ATTRIBUTES

38
Q

[Threat Actor Attributes] Attributes

A
  • Internal vs External
  • Resources and Funding
  • Level of sophistication and capability
39
Q

An individual who lacks the technical knowledge to develop their own hacking tools or exploits.

A

Unskilled Attacker

40
Q

Can still cause significant damage using readily available tools and exploits to victimize systems with unpatched, known vulnerabilities.

A

Unskilled Attackers

41
Q

Unskilled attackers are motivated by

A

A desire for recognition or the thrill of causing disruption to an organization’s network.

42
Q

Unskilled attackers are less likely to be motivated by

A

Financial gain or political ideologies.

43
Q

This threat actor focuses on easier targets instead of higher value ones.

A

Unskilled attackers

44
Q

An individual who lacks the technical knowledge to develop their own hacking tools or exploits.

A

Unskilled attacker

45
Q

Individuals or groups that use their technical skills to promote a cause or drive social change instead of for personal gain.

A

Hacktivists

46
Q

Hacktivism/Hacktivists use cyberattacks to achieve their ………… or ………… beliefs.

A

Hacktivism/Hacktivists use cyberattacks to achieve their ideological or political beliefs.

47
Q

Hacktivists use techniques like

A
  • Website Defacement
  • DDoS Attacks
  • Doxing
  • Leaking of Sensitive Data
48
Q

A form of electronic graffiti, an act of vandalism.

A

Website Defacement

49
Q

An attempt to overwhelm the victim’s systems or networks so that they cannot be accessed by the organization’s legitimate users.

A

Distributed Denial of Service Attack

50
Q

Public release of private information about an individual or organization such as their name, home address, phone number, or email in hopes that someone will take real-world action against the victim.

51
Q

Tend to demonstrate fairly high level of sophistication.

A

Hacktivists

52
Q

Are primarily motivated by their ideological beliefs rather than trying to achieve financial gains.

A

Hacktivists

53
Q

Target organizations or individuals that they perceive as acting out against their cause.

A

Hacktivists

54
Q

Anonymous and LulzSec are examples of which type of threat actor?

A

Hacktivist

55
Q

The act of hacking or breaking into computer systems for a politically or socially motivated purpose. Often to promote, repeat, or protest against specific issues or actions.

A

Hacktivism

56
Q

Is an individual who engages in hacktivism, using cyber tools and techniques to promote a social or political cause.

A

Hacktivist

57
Q

…………………… conduct ……………… to advance their own ideological agendas.

A

Hacktivists conduct hacktivism to advance their own ideological agendas.

58
Q

Sophisticated and well-structured entities that leverage resources and technical skills for illicit gain. Their operations are usually well-planned and coordinated based on the criminal ring structured nature and strategic approach to conducting attacks.

A

Organized Cyber Crime Groups

59
Q

They are operating across national borders, these transnational …………………….. organizations can create increased complexity for law enforcement when they attempt to prosecute these attackers.

A

Organized Cyber Crime

60
Q

Technical Capability Level of an Organized Cyber Crime Group?

A

Very High

Often employ advanced hacking techniques and tools, like:

  • Custom Malware
  • Ransomware
  • Sophisticated Phishing Campaigns
61
Q

Exploit emerging technologies such as cryptocurrencies, Dark Web and the use of Cellular Collection Devices to facilitate their activities and evade detection.

A

Organized Cyber Crime Groups

62
Q

Motivation for Organized Cyber Crime Groups

A

Financial Gain

63
Q

Common illicit activities linked to cyber crime groups are…

A
  • Data Breaches
  • Identity Theft
  • Online Fraud
  • Ransomware Attacks
64
Q

Common organized crime targets are…

A
  • Small or medium-sized business
  • High net worth individuals who have substantial financial resources or valuable data.
65
Q

This threat actor is not typically driven by ideological or political objectives. However, these groups may be hired by other entities, including governments, to conduct cyber operations and attacks on their behalf.

A

Cyber Crime Groups

66
Q

May operate in the political spectrum but only do so to generate financial gains for themselves.

Essentially, when conducting these types of attacks, this threat actor is acting as a hired gun or mercenary for the political organization or government that hires them.

A

Organized Cyber Crime Groups

67
Q

FIN7 and Carbanak are examples of which type of threat actor?

A

Organized Cyber Crime Group

68
Q

Groups that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals.

A

Nation-State Actors

69
Q

Kind of attack that is orchestrated in such a way that it appears to originate from a different source or group.

A

False Flag Attack

70
Q

Term that used to be used synonymously with a nation-state actor because of their long-term persistence and stealth.

A

Advanced Persistent Threat

71
Q

Motivations of a nation-state actor

A

  • Gathering Intelligence
  • Disrupting Critical Infrastructure
  • Influencing Political Processes
  • Cyber espionage

72
Q

Cybersecurity threats that originate from within the organization

A

Insider Threat

73
Q

The use of information technology systems, devices, software, applications, and services without explicit organizational approval.