General Security Concepts
2.1.1 - Threat Actors
2.1.1 - Threat Actors
________ are individuals with little expertise or knowledge in computer security. They often execute attacks using ready-made tools and are interested in causing chaos or gaining notoriety. Their skill level is considered low, as they rely on pre-existing tools rather than developing their own exploits.
What are -script kiddies-, and what is their typical skill level?
_______ _______ & ____ are highly advanced government or military organizations that conduct cyberattacks for intelligence gathering, disrupting enemy nations, and defending their citizens’ rights. They have extensive resources and capabilities, often with the full support of their governments, allowing them to carry out sophisticated exploits.
Describe the characteristics of -nation states and advanced persistent threats (APTs)- in the context of cybersecurity.
_________ are primarily driven by Political, commercial, or economic messages.
What is a -hacktivist-
________ are a type of threat actor comes from inside of an organization and has trusted access to information?
What are -Internal threat actors-?
_________ are any business or organization that operates within the same domain as another business. For example, both Netflix and Hulu operate within the streaming video business
What are -Competitors-?
_______ _______ _________ are primarily motivated by financial gain and power. They engage in activities such as selling data on the dark web, conducting espionage, and interrupting business operations until ransoms are paid. Unlike other groups, their activities are focused on furthering their criminal enterprises
What distinguishes -organized crime groups- in terms of their motivations and activities?
_____ ______ hackers engage in malicious activities to cause harm or profit illegally
What are -black hat- (unauthorized user) hackers
______ _______ & ____ are group of threat actors fueled by money and the desire to gain power to continue their influence
What are -Nation States and APT-
_______ _______ motivation involves disrupting the normal operation of systems, networks, or services for various reasons
What are -Service disruptions-?
A _______ can be defined as anyone who uses technology and its tools to bypass a normal operation to gain access to some system that they are not supposed to have.
What are -Hackers-?
_______ _______ are individuals within an organization who exploit their access to expose business secrets or data. They are dangerous because they have insider knowledge of the organization’s weaknesses and can execute attacks with a greater chance of going undetected. They often act out of vengeance or spite due to perceived injustices in the workplace.
What defines -insider threats-, and why are they considered particularly dangerous?
_______ ________ hackers identify and fix vulnerabilities with the intent of improving security
What are -white hat- (authorized user) hackers
Insider Threats primarily exploit to cause damage within an organization exploiting _______ ________ known within the organization.
What are -weak points- known within the organization?
_______/______ ______ are the primary motivation for hacktivist groups
What is -Philosophical/political beliefs- ?
_________ & __________ can determine how well a threat actor can support their attack on a network eithermonetarily or with the needed equipment and software.
What are -Resources & Funding-?
_______ ___ refers to departments or individuals within organizations that circumvent IT department rules to implement their own technologies or security measures. This can lead to security vulnerabilities, as these unauthorized systems may not adhere to organizational security standards or receive proper oversight from IT departments.
Explain the concept of -shadow IT- and its potential impact on organizations.
_______ _______ hackers fall between these categories, conducting potentially illegal activities without malicious intent, often for personal amusement or to expose vulnerabilities.
What are -grey hat- (semi-authorized) hackers
________ type of hackers intend to cause damage and harm to their targets.
What are -black hat- hackers?
________ ________ are groups of people who pose a threat to the security of software, data, or an organization’s well-being.
What are -Threat Actors- ?
_________ ________ entails stealing sensitive or valuable data for various purposes, such as selling information on the black market, conducting corporate espionage, or obtaining intellectual property.
What is -Data Exfiltration->
_________ are typically motivated by political, commercial, or economic ideologies. They use technology to spread their message and disrupt their perceived opponents’ technologies, such as websites and social media profiles. Unlike other groups, their attacks are driven by a cause rather than financial gain
How do -hacktivists- differ from other threat actor groups, and what motivates them?
A group of threat actors characterized by novice computer professionals with little expertise or knowledge
What are -script kiddies- ?
_______ ___ work within larger organizations but not following IT department rules
How does -Shadow IT- operate?
APT stands for ______ ________ _______
What is -Advanced Persistent Threats-?
_________ is the act of gathering intelligence or sensitive information for political, economic, or military advantages
What is -Espionage-?