Threat Actors and Motivations Flashcards
What are threat actors?
Individuals or groups causing harm to digital systems intentionally. EX: Nation-states, unskilled attackers, hacktivists, insider threats, organized crime, shadow IT.
What are cybercriminals?
Individuals engaging in criminal activities for financial gain or other malicious purposes within the cyber domain. EX: Malware developers, fraudsters, identity thieves, ransomware operators.
What are hackers?
Individuals with technical skills to compromise computer systems or networks. The term is neutral and can refer to ethical hackers as well. EX: Ethical hackers, black hat hackers, white hat hackers.
What kind of threat actors are nation-states?
Governments or state-sponsored entities engaged in cyber activities for political, economic, or military advantages.
What kind of threat actors are unskilled attackers?
Individuals with limited technical expertise but still capable of causing significant harm through simple yet effective methods.
What kind of threat actors are hacktivists?
Activists who leverage hacking techniques to advance their social, political, or environmental agendas.
What kind of threat actors are insider threats?
Individuals within an organization who exploit their access and privileges for malicious purposes.
What kind of threat actors are organized crime?
Criminal groups seeking financial gain through cyber activities like fraud, extortion, or ransomware attacks.
What kind of threat actors are shadow IT?
Employees or departments using unauthorized software or systems, often unknowingly exposing vulnerabilities.
What are some threat actor characteristics of nation-states?
Highly sophisticated and often well-funded. Engage in cyber activities for political, economic, or military advantages. May use advanced persistent threats (APTs).
What are some threat actor characteristics of unskilled attackers?
Individuals with limited technical expertise. Rely on simple but effective methods. Can still cause significant harm.
What are some threat actor characteristics of hacktivists?
Motivated by social, political, or environmental causes. Use hacking techniques to advance their agendas or raise awareness.
What are some threat actor characteristics of insider threats?
Individuals within an organization. Exploit their access and privileges for malicious purposes. Can be employees or contractors.
What are some threat actor characteristics of organized crime?
Criminal groups seeking financial gain through cyber activities. Often involved in activities like fraud, extortion, or ransomware attacks.
What are some threat actor characteristics of shadow IT?
Employees or departments using unauthorized software or systems without IT approval. Often unintentionally expose vulnerabilities.
What is the primary distinguishing factor between cybercriminals and hackers in the context of cybersecurity?
Intent
What type of threat actors are funded by the state, access to significant resources and advanced tools?
Nation-states
What type of threat actors may use readily available tools, relying on low-cost or free resources?
Unskilled attackers
What type of threat actors may rely on community support, crowdfunding, or voluntary contributions?
Hacktivists
What type of threat actors have access to organizational resources, may leverage insider knowledge?
Insider threats
What type of threat actors are funded by criminal activities, often well-organized with financial backing?
Organized crime
What type of threat actors may operate on a small scale without significant formal funding?
Shadow IT
