Hackers and Threat Actors

Threat actors are those who would perpetrate damaging acts against computer systems and networks. They can exist inside or outside an organization and may be driven by motives ranging from economic to political to thrill-seeking or fear-instilling.

Threat actors commit actions as a result of certain character traits, circumstances, or environment. Understanding these contributing factors is an important step in recognizing and averting threats and their outcomes.

The modern tech stack, similar to OSI diagrams. User experience on top reads ‘compromised by a customer’. Below that layer by layer: compromised by a former employee, compromised by a current employee, compromised by bitcoin miners, compromised by unknown hackers, compromised by our own government, compromised by a foreign government, massive undiscovered hardware vulnerability.

In this humorous play on an OSI diagram, the layers show a stack of threat actors instead of tech like operating systems and web servers.

Source: XKCD

Resources

  • What Motivates a Hacker?
  • State actors are sponsored by a government. The motive behind an attack may be to obtain sensitive information for political gain, or to gather intelligence and military information. Example: A country uses professional hackers to infiltrate the network of a rival country's defense department and gain confidential details of a weapons deal. Additionally, some state actors use cyberattacks to steal intellectual property.
  • Nonstate actors operate unsanctioned for a variety of reasons.
    • Script kiddies are unskilled and rely on borrowed code.
    • Hacktivists are driven by political ends.
    • Criminal hackers are motivated by monetary gain.
    • Black hat, gray hat, and white hat hackers are characterized by their actions when a vulnerability is discovered. Specifically, a black hat actor will intentionally exploit a discovered vulnerability, even if it is a violation of law or standards, and will not report it so that it can be addressed; a white hat actor will not exploit or disclose a vulnerability until it has been mitigated; and a gray hat actor will neither exploit a discovered vulnerability nor report its existence.

Check Your Knowledge

Choose the best answer to each question:
Question 1
What best describes a script kiddie?
an advanced hacker
an elite hacker
a beginner hacker
none of the above
Question 2
The leading source of hacking and computer crime is which of the following?
black hat hackers
insiders
script kiddies
hacktivists
Question 3
Which of the following hacker types exploit systems to obtain intellectual property or trade secrets?
hacktivists
industrial saboteurs
script kiddies
insiders
Question 4
Several easy-to-use hacking tools that are readily available have contributed to the growth of which of the following hacker groups?
gray hats
white hats
script kiddies
insiders
Question 5
Distributed denial-of-service (DDoS) attacks and the defacement of websites are most likely caused by the following type of hacker:
script kiddie
insider
hacktivist
black hat hacker
Question 6
Which of the following is often cited as the primary motive for hackers?
curiosity
financial gain
notoriety or fame
boredom
Question 7
State actors such as China, Russia, Iran, and the United States often use a method that allows for reconnaissance, malware insertion, backdoors, privilege escalation, and expropriation. That method is called:
advanced penetration testing
advanced persistent threat
advanced persistent testing
all of the above
Question 8
Famous white hat hackers include all of the following except which person?
Julian Assange
Stephen Wozniak
Tim Berners-Lee
Tsutomu Shimomura
Question 9
Which of the following tend not to engage in malicious hacking acts but may use unethical means to discover and report vulnerabilities, especially if profit is a motivation:
black hat hacker
white hat hacker
gray hat hacker
gray box hacker

Licenses and Attributions

Stack by XKCD is available under the Creative Commons Attribution-NonCommercial 2.5 license. UMGC has modified this work and it is available under the original license.