- Types
- Espionage
- This type is interested in stealing state/government secrets from businesses and government-run organizations
- Warfare
- This type is interested in sabotaging the military
- Espionage
- Well funded
- Geopolitical
- Common TTPs: spear phishing, direct compromise, custom malware and exploits
- Types
- This type is interested in stealing personal info from data-rich businesses and organizations for financial gain
- Common TTPs: ransomware and phishing
- Profit
- This type is interested in sabotaging critical infrastructure
- Sometimes include hacktivists
- Ideological Violence
- Stratification
- Types
- Malicious Insiders
- Individuals who agreed to help threat actors for financial gain
- Incautious Insiders
- Individuals who made a mistake that led to a cyberattack
- Malicious Insiders
- Common TTPs: data exfiltration or privilege misuse
- Types
- This type is interested in advancing a specific political cause
- Not interested in money
- Ideological
- Common TTPs: DDoS attacks, website defacements and doxing
- This type uses other threat actors' tools to attack networks or systems
- Low technical skills
- White hat
- Also known as ethical hackers, individuals who use their technical skills to protect networks and systems from threat actors
- Grey hat
- Individuals who fall between white hat and black hat
- Launch cyberattacks without the target's consent
- Sometimes they disclose info about vulnerabilities before they are patched
- Black hat
- Also known as cybercriminals, individuals who use their technical skills with malicious intent
- Blue hat
- Individuals who use their technical skills to launch cyberattacks without causing damage (or to seek revenge)
- Green hat
- Similar to script kiddies, individuals who lack technical skills and want to cause harm
- They want to learn, whereas script kiddies do not
- Red hat
- Individuals who use their technical skills to attack threat actors
- They use unethical ways