Security 1.3 Flashcards
Script kiddies
A person who uses pre-existing code and scripts to hack into machines, because they lack the expertise to write their own
Hacktivist
An individual who is someone who misuses computer systems for a socially or politically motivated agenda. They have roots in the hacker culture and ethics. Hacker on a mission
Organized crime
These are professionals motivated ultimately by profit. They have enough money to buy the best gear and tech. Multiple people perform specific roles: gathering data, managing exploits, and one who actually writes the code.
Nation states/APT
An APT is an advanced persistent threat, these are massive security risks that can cost companies and countries millions of dollars. Nation states have very sophisticated hacking teams that target the security of other nations. They often attack military organizations or large security sites, they also frequently attack power plants.
Insiders
Someone who is inside the company who has intricate knowledge of the company and how its network works. They can pinpoint a specific vulnerability and may even have access to multiple parts of the network.
Competitors
Rival companies, can bring down your network or steal information through espionage.
Internal/external
Internal is inside the company, can be intentional, unintentional. External is someone outside the company trying to get in.
Level of sophistication
Is the skill of the hacker and the complexity of the attack.
Resources/funding
he amount of money and the value of the tech and gear being used.
Intent/motivation:
The reason for the attack, can be for political, monetary, or social reasons.
Use of Open-source intelligence (OSINT):
Data that is collected through publicly available information. This can be used to help make decisions. Can be used by threat actors to help find their next target or how to best attack their target. OSINT is also incredibly helpful for mitigating risks and for identifying new threat actors.
