Different types of threat actors
A threat actor is nothing but an entity or individual who is responsible for an event or incident that impacts another entity. It is important that we understand the different types of threat actors and their common motivations, which will help us throughout this book to understand different perspectives. Table 1.1 provides the common threat actors, their motives, and typical goals.
Threat Actor |
Common Motivation |
Goal(s) |
---|---|---|
State- or government-sponsored actors |
Military, political, and technological agendas |
Cyber espionage, data theft, or any other activity that interests a nation for its economic benefits |
Organized crime or cybercriminals |
Financial gain and profit |
Money and valuable data |
Hacktivists/cyber extremists |
Motivational overlaps |
Focus on exposing secrets and disrupting services/organizations that they think are not good for society (hacktivists); focus on causing harm and destruction to further their cause (extremists) |
Insiders |
Revenge |
Money or data ransom or creating revenue loss |
Table 1.1: Various threat actors and their motivations
We have now summarized the four major threat actors and their motivations that we can use during goal-based penetration testing and red team exercises to simulate real threat scenarios.