2 Most Basic Attributes of a Threat Actor

• Internal Threat Actors
  • Individuals or entities within an organization who pose a threat to its security
• External Threat Actors
  • Individuals or groups outside an organization who attempt to breach its cybersecurity defenses

Resources and funding available to the specific actor

• Tools, skills, and personnel at the disposal of a given threat actor

Level of sophistication and capability of the specific threat actor

• Refers to their technical skill, the complexity of the tools and techniques they use, and their ability to evade detection and countermeasures
• In the world of cybersecurity, we usually classify the lowest skilled threat actors as “script kiddies”
  • Script Kiddie
    • Individual with limited technical knowledge
    • Use pre-made software or scripts to exploit computer systems and networks
• Nation-state actors, Advanced Persistent Threats and others have high levels of sophistication and capabilities and possess advanced technical skills
  • Use sophisticated tools and techniques