14,952
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − + + + + + + + + +
no edit summary
A '''threat actor''' is anyone who has the potential to impact [[Cybersecurity]]. The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a person, group of people, or even an entire country. It refers to anyone who is a key driver or participant in a malicious action targeting organizational or personal IT security.<ref>[https://home.sophos.com/en-us/security-news/2021/what-is-a-threat-actor.aspx What is a threat actor, Sophos]</ref>
A '''threat actor''' is anyone who has the potential to impact [[Cybersecurity]]. The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a person, group of people, or even an entire country. It refers to anyone who is a key driver or participant in a malicious action targeting organizational or personal IT security.<ref>[https://home.sophos.com/en-us/security-news/2021/what-is-a-threat-actor.aspx What is a threat actor, Sophos]</ref>
==Types==
==Types==
Threat actors can be cybercriminals, insiders, and/or nation-states.
==Classifications==
===UNC===
===UNC===
An uncategorized group (UNC) refers to a cluster of cyber intrusion activity (based on observable artifacts in the form of infrastructure, tools, and practices) that cannot yet be classified as an advanced persistent threat or a financially motivated threat. Nonetheless, a UNC must have at least one key characteristic. As evidence grows, the UNC will likely graduate into a fully defined group (See FIN11<ref>[https://vision.fireeye.com/editions/09/09-threats-in-focus.html The graduation of FIN11, Fireye]</ref>).
===APT===
===APT===
Advanced persistent threats
===FIN===
===FIN===
Financially motivated threats
==References==
==References==