Classifying Threats Flashcards
(35 cards)
An individual or group with advanced skills and funding, typically aligned with a nation’s interests.
Nation-state actor
An attacker motivated by ideology or social change, often using public defacement or data leaks.
Hacktivist
An insider who intentionally or unintentionally compromises security by leaking or mishandling data.
Insider threat
Threat actors that aim for financial gain through organized campaigns like ransomware and fraud.
Organized crime group
An individual who uses pre-built tools or scripts to launch attacks with little technical knowledge.
Script kiddie
An attacker who attempts to gain business secrets to undermine a competitor’s advantage.
Corporate espionage threat
The type of attack in which an adversary targets a software vendor to compromise multiple clients.
Supply chain attack
A tactic where attackers scan for open ports across a wide IP range without targeting specific victims.
Opportunistic scanning
A threat actor with defined objectives, using stealthy techniques over an extended period.
Advanced Persistent Threat (APT)
The type of threat where third-party vendors or service providers introduce vulnerabilities.
Third-party risk
A person who violates ethical norms but may help organizations by disclosing vulnerabilities.
Gray hat hacker
The cybersecurity threat resulting from unsupported operating systems or legacy equipment.
Obsolescence risk
An attack that manipulates domain name resolution to redirect traffic to malicious sites.
DNS poisoning
A threat based on manipulating people into bypassing normal security procedures.
Social engineering
A criminal who targets high-ranking officials through deceptive emails.
Whaling attacker
The threat that comes from poor configuration, weak access controls, or open services.
Misconfiguration
A method of attack that simulates real adversaries to test an organization’s defenses.
Red teaming
A malware type that doesn’t require user interaction and spreads across systems automatically.
Worm
An attacker motivated by personal revenge against an employer or coworker.
Malicious insider
The classification model that breaks threats down by motive, capability, and opportunity.
Threat actor profiling
An attack that occurs due to accidental internal user actions, such as misdirected emails.
Unintentional insider threat
A targeted threat actor with specific knowledge of the organization’s environment.
Insider with elevated privileges
The concept that no user, system, or device is inherently trusted within the network.
Zero Trust security model
The motivation behind ransomware gangs demanding cryptocurrency payments.
Financial gain