<aside> <img src="/icons/profile_gray.svg" alt="/icons/profile_gray.svg" width="40px" /> Any individual or entity responsible for incidents that impact security and data protection is known as a Threat Actor

</aside>

Objectives:

• 1.2 - Summarize fundamental security concepts

• 2.1 - Compare and contrast common threat actors and motivations

• 2.2 - Explain common threat vectors and attack surfaces

• Threat Actors

  • Threat Actor Motivations
    • Data Exfiltration
    • Blackmail
    • Espionage
    • Service Disruption
    • Financial Gain
    • Philosophical/Political Beliefs
    • Ethical Reasons
    • Revenge
    • Disruption/Chaos
    • War
  • Threat Actor Attributes
    • Internal vs. External Threat Actors
    • Differences in resources and funding
    • Level of sophistication
  • Types of Threat Actors
    • Unskilled Attackers
      • Limited technical expertise, use readily available tools
    • Hacktivists
      • Driven by political, social or environmental ideologies
    • Organized Crime
      • Execute cyberattacks for financial gain (e.g, ransomware, identity theft)
    • Nation-state Actor
      • Highly skilled attackers sponsored by governments for cyber espionage or warfare
    • Insider Threats
      • Security threats originating from within the organization

  ---

  • Shadow IT
    • It systems, devices, software, or services managed without explicit organizational approval
  • Threat Vectors and Attack Surfaces
    • Message-based
    • Image-based
    • File-based
    • Voice calls
    • Removable devices
    • Unsecured networks
  • Deception and Disruption Technologies
    • Honeypots
      • Decoy systems to attract and deceive attackers
    • Honeynets
      • Network of decoy systems for observing complex attacks
    • Honeyfiles
      • Decoy files to detect unauthorized access or data breaches
    • Honytokens
      • Fake data to alert administrators when accessed or used