site_logo

Previous Next


  1. Security+ Practice Tests
  2. Security+ Cram Notes
  3. Network+ Practice Tests

Systems and Security : Attacks, Threats, and Vulnerabilities

1.5 Threat Actors, Vectors and Intelligence Sources

"Actors and threats" refer to the individuals, organizations or entities who pose a risk to the security of an information system.

Advanced Persistent Threat (APT): refers to a highly skilled and well-resourced attacker who aims to maintain a long-term presence in a target's network, while stealing sensitive information or compromising critical systems.

Insider Threats: refers to individuals who have access to sensitive information due to their employment within an organization. These individuals may cause harm to the organization either intentionally or unintentionally, either through malice or due to poor security practices.

State actors: refers to nation-states or government organizations that have the resources and capability to launch complex cyber attacks.

Hacktivists: refers to individuals or groups who use hacking techniques to promote political or social causes.

Script kiddies: refers to individuals who use existing, pre-written scripts or tools to launch attacks without having a deep understanding of the underlying technology.

Criminal syndicates: refers to groups of cybercriminals who work together to launch large-scale, organized cyber attacks for financial gain.

Hackers - Authorized - Unauthorized - Semi-authorized

Hackers can be broadly categorized into three types: Authorized, Unauthorized, and Semi-authorized.

Authorized hackers, also known as ethical hackers, are individuals who are employed by organizations to identify and test the security weaknesses of their systems and networks. They work with the permission of the organization and are tasked with improving the overall security posture of the organization.

Unauthorized hackers, also known as black-hat hackers, are individuals who access computer systems and networks without the owner's permission. Their actions are illegal and can cause significant harm to organizations and individuals. They may carry out attacks for a variety of reasons, including personal gain, political activism, or for the challenge.

Semi-authorized hackers are individuals who have some level of authorization to access a system, but may use their access for malicious purposes. This can include employees who access systems without proper authorization, contractors who exceed their scope of work, or third-party vendors who abuse their access to systems. These types of attackers can be particularly dangerous because they may have legitimate access to systems and can evade security measures that are designed to detect unauthorized access.

Shadow IT - Competitors

Competitors are entities that aim to compete with an organization for market share, customers, or resources. In terms of cybersecurity, they may try to gain unauthorized access to sensitive information or compromise the security of an organization's systems to gain an advantage.

Shadow IT refers to technology solutions that are not sanctioned or approved by an organization's IT department but are still used by employees. These solutions may not have the same level of security controls as approved solutions and can pose a significant risk to an organization's security.

Attributes of actors

1. Internal/external
2. Level of sophistication/capability
3. Resources/funding - Intent/motivation

The attributes of actors refer to the various characteristics of the individuals or organizations that carry out an attack. The main attributes include internal/external, level of sophistication/capability, resources/funding, and intent/motivation.

Internal actors are those who are employed by or have authorized access to an organization's systems and information. They have inside knowledge of the systems and processes and can potentially cause harm to the organization.

External actors, on the other hand, are not affiliated with the organization and are often motivated by financial or political gain.

The level of sophistication and capability of actors refers to their technical skill and knowledge of cyber threats and defenses. Some actors may have extensive resources and funding, allowing them to carry out highly sophisticated and well-coordinated attacks.

The intent and motivation of actors is important to understand as it can influence the type of attack and its goals. Some actors may be motivated by financial gain, while others may be driven by political or ideological motives.

Previous Next




simulationexams.com ad

certexams.com ad