Threat Actor Types and Attributes Flash Cards
Types of Attack Actors
-Script Kiddies
-Hacktivist
-Organized Crime
-Nation State/APT
-Insiders
-Competitors
Script Kiddies
In programming and hacking cultures, a script kiddie, skiddie, or skid is an unskilled individual who uses scripts or programs developed by others to attack computer systems and networks and deface websites, such as a web shell.
-Wikipedia
Hacktivist
In Internet activism hacktivism or hactivism is the use of technology to promote a political agenda or a social change
-Wikipedia
Organized Crime
Organized crime is a category of transnational, national, or local groupings of highly centralized enterprises run by criminals to engage in illegal activity, most commonly for profit. Some criminal organizations, such as terrorist groups, are politically motivated.
-Wikipedia
Nation States
A nation state is a state in which a great majority shares the same culture and is conscious of it. -wikipedia.org
APT
An advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.
-Wikipedia
Insiders
Any person with authorized access to any U.S. Government resource, to include personnel, facilities, information, equipment, networks, or systems.
-NIST
Competitors
An organization or country engaged in commercial or economic competition with others.
-Google
Attributes of Actors
-Internal/External -Level Of Sophistication -Resources/Funding -Intent/Motivation
External
External threat actors come from outside the organization and do not have authorized access to the organizations information systems, data, or physical resources and spaces
Level of Sophistication
The level of sophistication is an important factor in the determination of the risk of a threat actor. Highly sophisticated threat actors are more likely to be successful if an attack is launched. Less sophisticated attackers have a lower probability of an attack being successful should it be launched.
Resources/Funding
Resources and funding determines how well a threat actor is able to support the attack monetarily or with the needed equipment and software.
Intent/Motivation
Motivation is an important factor in a successful attack against an organization.
Highly motivated threat actors are more likely to actually launch an attack against an organization while less motivated actors may prepare but never launch the attack. The intent or motivation of an actor may be tied to the political, ideological or personal goals of the attacker.
Open-Source Intelligence
Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context
-Wikipedia