These actors, alongside terrorist groups and thrill-seekers, often rely on widely available tools that require little technical skill to deploy.
Hacktivists carry out ideologically motivated cyber threat activity and are generally lower sophistication than state-sponsored cyber threat actors or organized cybercriminals. Illegal online markets for cyber tools and services have made cybercrime more accessible and allowed cybercriminals to conduct more complex and sophisticated campaigns. Organized crime groups often have planning and support functions in addition to specialized technical capabilities that can affect a large number of victims. State-sponsored cyber threat actors may also pursue financially motivated threat activity.Ĭybercriminals are primarily financially motivated and vary widely in sophistication.
The activities of state-sponsored cyber threat actors may include espionage against governments, organizations, and individuals prepositioning on or disrupting critical systems influencing and shaping public discourse or building networks of compromised devices to enable further cyber threat activity. Some nation-states also have operational relationships with private sector entities and organized criminals. Nation-states without developed cyber programs can use commercial cyber tools and the growing global pool of talent to enable sophisticated cyber threat activity. They are frequently the most sophisticated threat actors, with dedicated resources and personnel, and extensive planning and coordination. State-sponsored cyber threat actors operating on behalf of nation-states primarily use cyber threat activity to advance their geopolitical objectives. This designator is usually reserved for nation-states or very proficient organized crime groups. APTs are capable of using advanced techniques to conduct complex and protracted campaigns in the pursuit of their goals. Sometimes, sophisticated actors use readily available tools and techniques because they can still be effective for a given task and/or make it difficult for defenders to attribute the activity-for example, by leveraging the commercial security tools used by security researchers.Īdvanced persistent threats (APT) refer to threat actors in the top tier of sophistication and skill. Cyber threat actors may operate on their own or as part of a larger organization (i.e., a nation-state intelligence program or organized crime group). They have a range of resources, training, and support for their activities.
In general, each category of cyber threat actor has a primary motivation.Ĭyber threat actors are not equal in terms of capability and sophistication. Some threat actors conduct threat activity against specific individuals or organizations, while others opportunistically target vulnerable systems. Threat actors value access to devices and networks for different reasons, such as siphoning processing power, exfiltrating or manipulating information, degrading the network’s performance and extorting the owner. Types of cyber threat actors and their motivationsĬyber threat actors can be categorized by their motivations and, to a degree, by their sophistication. The globalized nature of the Internet allows threat actors to be physically located anywhere in the world and still affect the security of information systems in Canada. Cyber threat actors are groups or individuals who, with malicious intent, aim to exploit weaknesses in an information system or exploit its operators to gain unauthorized access to or otherwise affect victims’ data, devices, systems, and networks, including the authenticity of the information that flows to and from them.
0 kommentar(er)
