Threat Actors Flashcards
Common Threat Actor Motivations
- Data Exfiltration
- Financial Gain
- Blackmail
- Service Disruption
- Philosophical or Political beliefs
- Ethical Reasons (aka, ethical hackers, pen testers, etc)
- Revenge
- Disruption or Chaos
- Espionage
- War
Threat Actor Attributes
- Internal/External
- Resources & Funding
- Level of Sophistication
Unskilled Attacker
Threat actors who lack the technical knowledge to develop their own tools, often utilizing their tools developed by others. Often opportunistic, and less likely to be motivated for financial gain.
Hacktivists
Threat actors who use their skills to further their political or social goals.. They often utilize the following methods…
- Website defacement
- DDoS
- Doxing
- Leaking sensitive data
Organized Crime
Threat actors who utilize their skills for illicit gain. They tend to be well organized and well funded, and tend to be focused on financial gain.
Nation State Actors
Threat actors sponsored by a government. Usually not focused on financial gain. Tend to be very well funded and organized, with motivations that are related to their Nation State sponsors
Insider Threats
Threat actors that originate from within an organization. They tend to have high levels of knowledge about their targets. Skill levels and motivations tend to vary.
Shadow IT
IT which exists outside of official channels. Usually motivated by positive intent, rather than negative. Regardless, it can still create risks.
Threat Vector
The means by which a threat actor performs their attack. The How of the attack basically
Attack Surface
All of the various points where an attacker can gain unauthorized access