Welcome to Cyber Aires Video, Siri's and the Company of Security Plus 5 +01 Certification and Exam.
I'm your instructor Round Warner,
please visit Cyber Eri died. I t. For more information on this certification and many others.
This video is part of domain one threats, attacks and vulnerabilities.
In this video, I'll be talking about section 1.3
explained Threat Actor types and attributes.
In this video, we'll cover the following topics.
The different types of threat actors such a script kiddies, hacktivists, nation states insiders
also talk about the attributes of threat actors, internal versus external level of sophistication,
resource is and intent.
And lastly, talk about use of open source intelligence. Basically news to find out information about threats and conduct your own threat analysis.
I'll start by explaining what is a threat or threat. Actor.
Well, the definition is a potential occurrence that it can result in an undesirable outcome
where it's a person or thing likely to cause damage or danger. So threat always has a negative connotation associated with it.
A threat actor is a person or entity that is responsible for an event. Were incident that impacts our has potential to impact the safety or security of another entity.
Keep these definitions in mind as we talk about types of threat actors
under screen. You see different types of threat actors you may encounter in your role is a cyber security professional.
The first is a script kiddie, a derogatory term for people who use hacking techniques
but have limited skills. Basically, they still scripts off of the Internet, and they use them without really knowing how they work. Often, such Attackers may rely almost entirely on automated tools they download from the Internet,
so don't be a script kiddie.
The second is a hacktivist ah, person or an entity who uses hacking techniques to accomplish some activist or political goal,
usually seeking to deface websites.
Lastly, our insiders, these air internal employee seeking to cause damage to their organization.
Other type of threat actors may encounter could organized crime.
These are organized groups seeking to steal money, identities or corporate secrets, conduct espionage and organized crime signature
competitors. They're outside organization, seeking to commit corporate espionage for financial or market gain.
Nation states and the news As I'm recording this a lot about nation states attacking the United States,
their country sponsoring illegal or fraudulent activities
across the Internet.
An advanced, persistent threat or a P T.
Is an attack in which unauthorized persons gained access to a network using advanced exploitation techniques and stays there for an undetected long period of time.
The intention of an A P T attack is to steal data rather than cause damage to the network or organization.
I recommend you searched the news for a P T attacks. You'll find there are many stories you can learn from
a term associated with threats and threat. Actors are the deep Web and dark Web.
Deep Web is anything on the Internet, but a search engine can find at a normal search engine like Google being or Yahoo can't find.
The Dark Web is part of the deep Web Internet that is on Lee, accessible by special software such as tour the Onion router, allowing users and website operators to remain anonymous or untraceable.
There is a dark Web market, which is part of the dark Web, often selling illegally gotten goods. Merchandise data information were service is so if I find a zero day vulnerability, I might sell it on the dark Web market
credit card numbers that were stolen are also stolen on the dark Web. You see an example on your screen
As part of your threat analysis, you should be using open source intelligence, also known as awesome.
Open source is any information that is readily available to anyone. Newspapers, news sites.
Intelligence is the collection of information of military, political, organisational or financial value. Putting those two together basically using open websites, open new sources to create your own intelligence
websites and tools that allow you to gather information on current threats or specific security. Issues are shown on your screen
as part of this section in security. Plus, you need to also understand the attributes of threat actors.
It could be internal employees versus external entities. It all depends on their level of access.
A vendor could be someone who was external but brought in internally so they can cross.
The level of sophistication is that knowledge and entity has to cause the breach to commit the fraud.
There's also intent and motivation.
Why're they conducting the fraud? Why are they the threat that they may be
Lastly? Are those resource is or funding? Do they have the financial power to create the fraud to commit the breach
you see on your screen my definition. Based on Christie's fraud triangle, where takes resource is commit fraud. You need three things. Access, intent and knowledge.
Refer to this and think about how fraud could occur within your organization based on these attributes.
In this video, I talked about different threat actor types and attributes.
Let's practice on a sample question.
Your company's website has been just faced by an organization that doesn't agree with your corporate policies.
What type of threat actor typically does this?
The enter is be a hacktivist.
This is the definition of a hacktivist.
This concludes the video for section 1.3. Explain Threat. Actor types and attributes
refer to your study material form or information.