Section 2.1 Flashcards
What is a threat actor?
It’s an entity responsible for an event that has an impact on the safety of another entity.
Also called malicious actor.
What are some attributes of a threat actor?
Are they External / Internal? (meaning do they work for the company or are they from the outside trying to get in)
Do they have resources/funding?
Level of sophistication / capability of the attacker
What are the motivations of threat actors?
- Need to find data
- Competitor performing espionage
- Service Disruption
- Blackmail
- Financial gain
etc
What are Nation States threat actors?
These are usually attackers that are part of a government or national security.
They have motivations such as war, revenge, disruption, etc
They usually perform constant attacks due to their massive resources.
Highly sophisticated since these usually military grade attackers.
What are unskilled attackers threat actors?
These attackers run pre made scripts without any knowledge of what’s really happening.
They’re mostly motivated by the hunt.
These attackers can be external or internal.
They’re not sophisticated and run with limited resources.
What are Hacktivist threat actors?
A hacker with a purpose.
They’re motivated by philosophy, revenge, disruption, etc.
Often these attackers are external.
These are very sophisticated attackers.
What are Insider Threats threat actors?
An attacker motivated by revenge or financial gain.
These attackers will use the organization’s resources against themselves.
They usually know exactly where the organization vulnerabilities are so they can use resources to access that data.
What are organized crime threat actors threat actors?
These are professional criminals that are motivated by money.
They’re very sophisticated.
Usually a very organized team of hackers that have a variety of skillsets.
What are Shadow IT threat actors?
An attacker that works around the rules of the IT department. This attacker is within the organization.
They usually purchase cloud based application that they can access through the browser.
Sometimes these are people that do not have any IT training or knowledge.