Threat Actors Flashcards
(51 cards)
An individual or entity responsible for incidents that impact security & data protection.
Threat Actor
Specific characteristics or properties that define & differentiate various threat actors from one another.
Threat Actor Attributes
Individuals with limited technical expertise who use readily available tools like downloaded scripts or exploits to carry out attacks.
Unskilled Attackers
Cyber attackers (individuals or groups) who use technical skills to carry out activities driven by political, social, or environmental ideologies, and who often want to draw attention, promote a specific cause, or drive social change instead of seeking personal gain.
Hacktivists
Sophisticated, well-structured groups or entities that execute cyber-attacks and leverage resources & technical skills for illicit financial gain, usually through methods like malware, ransomware, phishing campaigns, identity theft, or credit card fraud.
Organized Crime
Highly skilled attackers that are sponsored by governments to carry out cyber operations, espionage, sabotage, or cyber warfare against other nation states or specific targets (organizations or individuals) in a variety of industries.
Nation-state Actors
Cyber-security threats that originate from within the organization.
Insider Threats
IT systems, devices, software, applications, and services that are managed and utilized without explicit organizational approval.
Shadow IT
Decoy systems, networks, or servers designed to attract & deceive potential attackers, simulating real-world IT assets to study their techniques.
Honeypots
A network of honeypots that forms a more complex decoy environment, designed to mimic an entire network of systems (servers, routers, & switches) in order to observe complex, multi-stage attacks.
Honey-nets
Decoy files placed within systems to lure in potential attackers & detect unauthorized access or data breaches.
Honey-files
Monitored fake pieces of data or resources with no legitimate value or use, like a fabricated user credential, inserted into databases or systems to alert administrators when they are accessed or used.
Honey-tokens
The unauthorized transfer of data from a computer.
Data Exfiltration
One of the most common motivations for cyber-criminals.
Financial Gain
Attackers obtain sensitive or compromising information about an individual or an organization & threaten to release this information to the public unless certain demands are met.
Blackmail
Achieved by conducting a DDoS attack to overwhelm a network, service, or server with excessive amounts of traffic so that it becomes unavailable to its normal users.
Service Disruption
Individuals or groups use hacking to promote a political agenda, social change, or to protest against organizations they perceive as unethical.
Philosophical or Political Beliefs
Ethical hackers, also known as Authorized hackers, are motivated by a desire to improve security.
Ethical Reasons
An employee who is disgruntled, or one who has recently been fired or laid off, might want to harm their current or former employer by causing a data breach, disrupting services, or leaking sensitive information.
Revenge
These actors, often referred to as Unauthorized hackers, engage in malicious activities for the thrill of it, to challenge their skills, or simply to cause harm.
Disruption or Chaos
Involves spying on individuals, organizations, or nations to gather sensitive or classified information.
Espionage
Cyber-attacks have increasingly become a tool for nations to attack each other both on & off the battlefield.
War
Individuals or entities within an organization who pose a threat to its security.
Internal Threat Actors
Individuals or groups outside an organization who attempt to breach its cyber-security defenses.
External Threat Actors