Jump to content

Threat Actor: Difference between revisions

From ICANNWiki
Newer edit →
VisualWikitext
Jessica (talk | contribs)
Bureaucrats, Check users, lookupuser, Administrators, translator
14,952 edits
Created page with "A '''threat actor''' is anyone who has the potential to impact Cybersecurity. The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a p..."
 
Jessica (talk | contribs)
Bureaucrats, Check users, lookupuser, Administrators, translator
14,952 edits
No edit summary
Line 1: Line 1:
A '''threat actor''' is anyone who has the potential to impact [[Cybersecurity]].  The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a person, group of people, or even an entire country. It refers to anyone who is a key driver or participant in a malicious action targeting organizational or personal IT security.<ref>[https://home.sophos.com/en-us/security-news/2021/what-is-a-threat-actor.aspx What is a threat actor, Sophos]</ref>  
A '''threat actor''' is anyone who has the potential to impact [[Cybersecurity]].  The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a person, group of people, or even an entire country. It refers to anyone who is a key driver or participant in a malicious action targeting organizational or personal IT security.<ref>[https://home.sophos.com/en-us/security-news/2021/what-is-a-threat-actor.aspx What is a threat actor, Sophos]</ref>
==Types==
==Types==
Threat actors can be cybercriminals, insiders, and/or nation-states.
==Classifications==
===UNC===
===UNC===
An uncategorized group (UNC) refers to a cluster of cyber intrusion activity (based on observable artifacts in the form of infrastructure, tools, and practices) that cannot yet be classified as an advanced persistent threat or a financially motivated threat. Nonetheless, a UNC must have at least one key characteristic. As evidence grows, the UNC will likely graduate into a fully defined group (See FIN11<ref>[https://vision.fireeye.com/editions/09/09-threats-in-focus.html The graduation of FIN11, Fireye]</ref>).
===APT===
===APT===
Advanced persistent threats
===FIN===
===FIN===
Financially motivated threats
==References==
==References==

Revision as of 14:46, 28 July 2021

A threat actor is anyone who has the potential to impact Cybersecurity. The phrase ‘threat actor’ is commonly used in cybersecurity. The threat actor can be a person, group of people, or even an entire country. It refers to anyone who is a key driver or participant in a malicious action targeting organizational or personal IT security.[1]

Types

Threat actors can be cybercriminals, insiders, and/or nation-states.

Classifications

UNC

An uncategorized group (UNC) refers to a cluster of cyber intrusion activity (based on observable artifacts in the form of infrastructure, tools, and practices) that cannot yet be classified as an advanced persistent threat or a financially motivated threat. Nonetheless, a UNC must have at least one key characteristic. As evidence grows, the UNC will likely graduate into a fully defined group (See FIN11[2]).

APT

Advanced persistent threats

FIN

Financially motivated threats

References

  1. What is a threat actor, Sophos
  2. The graduation of FIN11, Fireye
Retrieved from "https://icannwiki.org/index.php?title=Threat_Actor&oldid=1329365"