Threat Actors
This term describes a person or entity responsible for a security incident or risk.
What is a threat actor?
The phase of an attack focused on gathering information about hardware, networks, and users.
What is reconnaissance?
An attack that uses deception to trick users into violating security policies.
What is social engineering?
Software designed to serve a malicious purpose without user consent.
What is malware?
This attack surface includes unpatched or outdated applications.
What is vulnerable software?
This type of threat actor is motivated by political or social causes.
What is a hacktivist?
A technique that scans multiple IP addresses to identify active hosts.
What is a ping sweep?
Email-based attacks pretending to be from a trusted source.
What is phishing?
Malware disguised as legitimate software.
What is a Trojan?
Attack surface involving unauthorized hardware or software on a network.
What is shadow IT?
This threat actor has authorized system access and can cause intentional or unintentional harm.
What is an internal threat?
This attack phase occurs after breaching and involves gaining higher-level permissions.
What is privilege escalation?
A phishing attack conducted using SMS text messages.
What is smishing?
Malware that self-replicates and spreads over networks without user interaction.
What is a worm?
Attack surface that relies on enticing users to open malicious files or devices.
What is a lure-based attack surface?
These attackers are backed by government military or intelligence resources.
Who are nation-state actors?
This step involves positioning tools or malware for later exploitation.
What is staging?
An attack where a hacker redirects users from a legitimate website to a malicious one.
What is pharming?
Malware that encrypts files and demands payment to restore access.
What is ransomware?
Email and messaging systems are examples of this attack surface.
What is a message-based attack surface?
This describes attackers who maintain long-term, stealthy access to systems using malware and exploits.
What is an advanced persistent threat (APT)?
Dumpster diving, intimidation, and sympathy all fall under this attack method.
What is social engineering?
An attack where malicious code is injected into websites frequently visited by a target group.
What is a watering hole attack?
Malware that operates in memory and leaves little to no footprint on disk.
What is a fileless virus?
Attack surface involving third-party vendors and product distribution.
What is the supply chain?