Threat Actors 2.1 Flashcards
1
Q
Threat Actors
A
- Also called a malicious actor
- The entity responsible for an event that has an impact on the safety of another entity.
2
Q
Interal Threat Actors
A
- Have access and knowledge necessary to cause immediate damage to an organization.
3
Q
Medium Level of Sophistication for Insider Threats
A
4
Q
External Threat Actors
A
- Are similar to internal threat actors, however must try to establish access to the target system.
5
Q
Resource/Funding
A
- Expenses associated with maintaining teams and tools used by threat actors against a system.
6
Q
Level of Sophistication/Capability
A
- Determine if the individual is blindly running scripts or are able to write their own attack malware and scripts.
7
Q
Motivation of Threat Actors
A
- Can be simple or multifold in nature.
8
Q
Advanced Persistent Threats (APTs)
A
- Characterized by using toolkits to achieve a presence on a target network.
- Focus on maintaining a persistent presence on the target network.
9
Q
Script Kiddies
A
- Individuals who do not have the technical expertise to develop scripts or discover new vulnerabilities in software.
- Have enough understanding to download and run scripts that others have developed.
10
Q
Nation States
A
- Considered to be an external threat actor.
- Have many possible motivations to attack.
- Has many resources to perform constant attacks, such as APTs.
- Will have the highest sophistication.
11
Q
Hacktivist
A
- Hackers who work together for a collective effort, typically on behalf of some cause.
- Can be an internal/external threat.
12
Q
Organized Crime
A
- Motivated by money
- Always external
13
Q
Structure of Organized Crime
A
- One person hacks, one person manages the exploits, another person sells the data, and another handles customer support.
14
Q
Shadow IT
A
- Parts of an organization that perform their own IT functions.
- A desire to “Get Thing Done”
- Can use their own financial resources
