Threat Actors Flashcards
Threat Actor Motivations
Data Exfiltration, Blackmail, Espionage, Service Disruption, Financial gain, Philosophical/Political Beliefs, Ethical Reasons, Revenge, Disruption/Chaos, and War
Threat Actor Attributes
Internal vs. External Threat Actors, Differences in resources and funding, and Level of sophistication
Hacktivists
Driven by political, social, or environmental ideologies
Unskilled Attacker
Limited technical expertise, use of readily available tools
Organized Crime
Execute cyberattacks for financial gain (ex. ransomware & identity theft)
Nation-state Actor
Highly skilled attackers sponsored by governments for cyber espionage or warfare
Insider Threats
Security threats originating from within the organization
Shadow IT
IT systems, devices, software, or services managed without explicit organizational approval
Threat Vectors & Attack Surfaces
Message-based, Image-based, File-based, Voice calls, Removable Devices, Unsecured networks
Honeypots
Decoy SYSTEMS to attract and deceive attackers
Honeynets
Network of decoy systems for observing complex attacks
Honeyflies
Decoy files to detect unauthorized access or data breaches
Honeytokens
Fake data to alert administrators when accessed or used