Click to read more SPOT Cybersecurity Tips on LinkedIn.
As a business owner, it gets exhausting trying to keep up with the cyber threat landscape. But, it's something we have to do to protect our businesses. One of the key areas to understand in cybersecurity is the type of Cyber Threat Actors.
A Cyber Threat Actor is a person or group performing malicious or hostile actions which cause harm to the victims' computers, devices, systems, or networks. Threat Actors are categorized into groups based on their motivations and affiliations.
- Well funded and aggressive threat actors who target both public and private sector networks to compromise, steal, change, or destroy information
- May be part of a state apparatus or receive direction, funding, or technical assistance from a nation-state
- Nation-states have been used interchangeably with Advanced Persistent Threat (APT) and represent a formidable opponent to defend against
- Largely profit-driven, they target data to sell, hold for ransom, and exploit for monetary gain
- Represent the largest long-term risk SMBs face today
- Cyber criminals may work individually or in groups to achieve their purposes
- Common Attacks: Phishing, Social Engineering Attacks, Malware, Ransomware
- Politically, socially, or ideologically motivated threat actors who target victims for publicity or to effect change, which can result in high profile events
- Not typically motivated by monetary gain or the theft of IP, mostly hacking for a cause. Terrorist organizations are sometime included in Hacktivist grouping
- Cyber Terrorist Groups are similar to nation-state hackers, but may or not be associated with a specific nation-state.
- Cyber Terrorism is defined as “Unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.”
- A Cyber Thrill Seeker is a type of threat actor that attacks a system for the sole purpose of experimentation. They are interested in learning more about how computer systems and networks operate. They are considered moderate to low level in terms of sophistication as they usually rely on publicly available exploits that require little technical skill for their cyber-attacks.
Current or former employees, contractors, or consultants who have access to an organization’s networks, systems, or data and can be broken down further into two specific groups:
- Malicious insider Threats intentionally exceed or misuse their access in a manner that negatively affects the confidentiality, integrity, or availability of the organization’s data and/or information systems.
- Accidental insider Threats unintentionally cause damage to their organization’s information systems through their actions, such as clicking on malicious links in a phishing email, or inaction, such as not setting access restrictions on Non-Public-Personal-Information (NPPI) or Personally Identifiable Information (PII)
Leave a comment!