Threat Actors

Question 1

Common Threat Actor Motivations

Answer 1

• Data Exfiltration
• Financial Gain
• Blackmail
• Service Disruption
• Philosophical or Political beliefs
• Ethical Reasons (aka, ethical hackers, pen testers, etc)
• Revenge
• Disruption or Chaos
• Espionage
• War

Question 2

Threat Actor Attributes

Answer 2

• Internal/External
• Resources & Funding
• Level of Sophistication

Question 3

Unskilled Attacker

Answer 3

Threat actors who lack the technical knowledge to develop their own tools, often utilizing their tools developed by others. Often opportunistic, and less likely to be motivated for financial gain.

Question 4

Hacktivists

Answer 4

Threat actors who use their skills to further their political or social goals.. They often utilize the following methods…
- Website defacement
- DDoS
- Doxing
- Leaking sensitive data

Question 5

Organized Crime

Answer 5

Threat actors who utilize their skills for illicit gain. They tend to be well organized and well funded, and tend to be focused on financial gain.

Question 6

Nation State Actors

Answer 6

Threat actors sponsored by a government. Usually not focused on financial gain. Tend to be very well funded and organized, with motivations that are related to their Nation State sponsors

Question 7

Insider Threats

Answer 7

Threat actors that originate from within an organization. They tend to have high levels of knowledge about their targets. Skill levels and motivations tend to vary.

Question 8

Shadow IT

Answer 8

IT which exists outside of official channels. Usually motivated by positive intent, rather than negative. Regardless, it can still create risks.

Question 9

Threat Vector

Answer 9

The means by which a threat actor performs their attack. The How of the attack basically

Question 10

Attack Surface

Answer 10

All of the various points where an attacker can gain unauthorized access