Threat Actors

Threat / Threat Actor

  • A potential occurrence that can result in an undesirable outcome.

  • A person or thing likely to cause damage or danger.

  • A threat actor is a person or entity that is responsible for an event or incident that impacts, or has the potential to impact, the safety or security of another entity.

Types of Threat Actors

  • Script Kiddies - A derogatory term for people who use hacking techniques but have limited skills. Such attackers often rely almost entirely on automated tools they download from the Internet.

  • Hacktivist - A person who uses hacking techniques to accomplish some activist or political goal. Usually seeking to deface websites.

  • Insiders - Internal employees seeking to cause damage to their organization.

  • Organized Crime - Organized groups seeking to steal money, identities, or corporate secrets.

  • Competitors - Outside organizations seeking to commit corporate espionage for financial or market gain.

  • Nation States - Countries sponsoring illegal or fraudulent actions.

  • APT - Advanced Persistent Threat - An attack in which unauthorized persons gain access to a network using advanced exploitation techniques and stay there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.

Deep Web / Dark Web

  • Deep Web - Anything on the internet that a search engine can't find.

  • Dark Web - A part of the deep web that is only accessible by means of special software (Tor), allowing users and website operators to remain anonymous or untraceable.

  • Dark Web Market - A part of the Dark Web that sells goods, merchandise, data/information, or services, often illegally.

Open-Source Intelligence (OSINT)

  • Open Source - Any information that is readily available to anyone, such as newspapers or news sites.

  • Intelligence - The collection of information of military, political, organizational, or financial value.

  • Websites and tools that allow you to gather information on current threats or specific security issues:

Attributes of Threat Actors

  • Internal/External

    • Access

  • Level of Sophistication

    • Knowledge

  • Intent/Motivation

  • Resources/Funding