Threat Actors Flashcards

1
Q

Common Threat Actor Motivations

A
  • Data Exfiltration
  • Financial Gain
  • Blackmail
  • Service Disruption
  • Philosophical or Political beliefs
  • Ethical Reasons (aka, ethical hackers, pen testers, etc)
  • Revenge
  • Disruption or Chaos
  • Espionage
  • War
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Threat Actor Attributes

A
  • Internal/External
  • Resources & Funding
  • Level of Sophistication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Unskilled Attacker

A

Threat actors who lack the technical knowledge to develop their own tools, often utilizing their tools developed by others. Often opportunistic, and less likely to be motivated for financial gain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Hacktivists

A

Threat actors who use their skills to further their political or social goals.. They often utilize the following methods…
- Website defacement
- DDoS
- Doxing
- Leaking sensitive data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Organized Crime

A

Threat actors who utilize their skills for illicit gain. They tend to be well organized and well funded, and tend to be focused on financial gain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Nation State Actors

A

Threat actors sponsored by a government. Usually not focused on financial gain. Tend to be very well funded and organized, with motivations that are related to their Nation State sponsors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Insider Threats

A

Threat actors that originate from within an organization. They tend to have high levels of knowledge about their targets. Skill levels and motivations tend to vary.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Shadow IT

A

IT which exists outside of official channels. Usually motivated by positive intent, rather than negative. Regardless, it can still create risks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Threat Vector

A

The means by which a threat actor performs their attack. The How of the attack basically

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Attack Surface

A

All of the various points where an attacker can gain unauthorized access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly