Threat Actor Types and Attributes Flashcards
Person using pre-existing code and scripts to hack into machines because they lack the expertise to write their own.
Script kiddies
Individual who is someone who misuses computer systems for a socially or politically motivated agenda. The have roots in the hacker culture and ethics.
Hacker on a mission
Hackivist
Professionals motivated ultimately by profit. They have enough money to buy the best gear and tech. Multiple people perform specific roles: gathering data, managing exploits, and one who actually writes thwere code.
Organized crime
An APT is an Advanced Persistent threat, these are massive security risks that can cost companies and countries millions of dollars. Nation states have very sophisticated hacking teams that target the security of other nations. They often attack military organizations or large security sites, they also frequently attack power plants.
Nation States / APT
Someone who is inside the company and who has intricate knowledge of the company an how its network works. They can pinpoint a specific vulnerability and may even have access to multiple parts of the network.
Insiders
Rival companies, can bring down your network or steal information through espionage.
Competitors
Internal/external
Inside the company, can be intentional, unintentional or act of god.
Internal
Internal/external
Someone outside the company trying to get in
External
Skill of the hacker and the complexity of the attack
Sophistication level
The amount of money and the value of the tech and gear being used
Resource
Funding
The reason for the attack and can be for political, monetary or social gains.
Intent
Motivation
Data that is collected through publicly available information that can help make decisions and can be used by threat actors find targets and how to attack them. This is also incredibly helpful for mitigating risks and for identifying new threat actors
OSINT
Open-source intelligence
