Threat Actors – CompTIA Security+ SY0-501 – 1.3

There are people and organizations that are after your computers and your data. You can call these bad guys or ne'er-do-wells, but the formal term for them is a threat actor. You might also hear these called malicious actors. There are many different kinds of threat actors. They come from different places in the world, and they all have different motivations on what they're trying to get out of your systems. These threat actors will use as much information as they can from as many different sources as they can. There's a huge amount of information available in the world that is open source. You can go to Facebook or Twitter or LinkedIn to gather information that they can use against you.

One type of actor is the script kiddie. The script kiddie is someone who runs premade scripts to try to find vulnerabilities or things that they could exploit inside of your systems. In many cases, the script kiddie may not necessarily even know what these scripts are really doing to find these vulnerabilities. And although we call them script kiddies, this person may not necessarily be a kid. A script kiddie could be someone on the outside or the inside of your network. Usually it's somebody who is on the outside of your network trying to find these vulnerabilities, and they're using scripts that they find from anywhere. These are not scripts that they're creating themselves, so these scripts usually are not very sophisticated. These folks usually don't have a lot of formal funding. They're not a large organization; it's usually an individual. They're really just looking for vulnerabilities that are the easiest to exploit. They're most often just motivated by the hunt to find these particular vulnerabilities, and in some way to make a name for themselves or make it so they can brag on the internet that they found that particular vulnerability.

A hacktivist is the combination of the words hacker and activist, so this is a hacker that has a mission. They have a goal: they're trying to create social change, or they might have a political agenda. Usually this is someone that is on the outside of your network. These can often be very sophisticated hackers who know exactly what they're going after. Their goals may be to bring down your websites so that nobody can visit your website, or they may be going after a very specific piece of data that's on the inside of your network. Although traditionally there hasn't been a lot of funding available for hacktivists, these days it's easy to gather funds on the internet and crowdsource, and we're finding that more and more hacktivists have a lot more money that they can use towards these purposes.

If you're looking for the professionals, then you're really looking for somebody in organized crime. These are almost always somebody who's on the outside of your network, and they're almost always motivated ultimately by money. These are very sophisticated hackers because they have enough money to buy the best in hacking technologies. This is obviously crime that's well organized, so you have an entire org chart of folks, where one person is hacking, another person is managing the exploits, a third person is gathering the data, and perhaps you even have a sales team that's selling the data that's being hacked. These folks generally have a lot of capital to fund these projects, and their goal is to make more and more money through these organized crime efforts.

Some of the most disruptive threat actors are governments, where you have experts in hacking that are working for a governmental agency. They're usually focusing on national security, and it's usually a hack that's being performed against an external organization or government. As threat actors, nation-states have some very sophisticated hacking that they perform. Usually they are attacking military organizations or very large security sites. For example, the United States and Israel got together and destroyed a thousand nuclear centrifuges with a single worm. This is a good example of how a nation-state can work on something called an advanced persistent threat, an APT. As a threat actor, these nation-states have a huge amount of resources available, and they can spend as much time, people, and money as necessary to find these vulnerabilities on that victim.

One type of threat that's very difficult to guard against are threat actors that are on the inside. If they're on the inside of the network, they're already past a lot of the security that you've put in place. We're talking about more than people that are simply leaving their password on a yellow sticky note. We're really talking about people with institutional knowledge. They understand the organization, they know where the servers are located, they understand the addressing schemes, and they may even have access to a number of these systems. They can address their attacks to systems that are specifically vulnerable, and they can really pinpoint exactly what they're going after. They have extensive resources because they're on the inside of your network. You're effectively paying them to be there, and they're going to spend as much time as possible to find the information that they're looking for.

Practically every organization has a competitor, and the competitors are also a significant threat actor. They are usually trying to find ways to bring down your systems. Maybe they're looking for some insider information with espionage, or maybe they're just trying to make you look bad so that all of the customers will come over to their side. They usually have a high level of sophistication because they do have some significant funding, and they know that there is a competitive advantage to bringing you down so that the customers all come over to their side. They usually have a lot of different intents for doing this. They may be trying to shut you down during your busiest times, maybe they're trying to steal your customer information, or maybe they're just trying to corrupt all of your data and make it so that you can't perform any functions as an organization.

So as you're thinking about different ways that people can get into your systems, also think about these different threat actors and who it might be who's trying to get into those systems.
