3: Threat Vector Types and Attributes

Types of Threat Actors

Script Kiddies:

  • Lacking expertise; not a lot of technical knowledge

  • Automated approach

Hacktivists:

  • Undermining a company's reputation

  • Destabilization of an organization

  • Social Change

  • Using computers and networks to promote a political stance

  • Examples

    • Anonymous

    • Lulz Security or LulzSec

  • Scenarios

    • Publishing Emails

    • Publishing SMS records

    • Publishing passwords

    • Sources handing over information to WikiLeaks

Organized Crime:

  • Massive attacks that are commonly profit driven

  • Ransomware publishers, black market data thieves selling medical records

Nation states & APT (Advanced Persistent Threat):

  • Well-funded groups, usually backed by governments or political bodies

  • These threat actors have access to complex systems and the financial support of a government, unlike smaller groups

  • APT - These attacks can remain undetected for a long time

  • APT - High value targets - Major banks, insurance companies, national defense systems

Insider Threats:

  • Countermeasures such as firewalls, anti-malware, and intrusion detection and prevention are in place to stop outsiders

  • How much does a company invest in preventing attacks from within the company?

  • Can lead to:

    • Fraud

    • Sabotage of systems or data

    • Theft of Data

    • Destruction of Data

    • Encryption of data

    • Complete data loss

    • Unauthorized access to or disclosure of data


Attributes and Intents

Attributes of actors

  • Internal/external

    • Insiders vs. everyone else

  • Level of sophistication

    • Nation-state/APT

    • Organized Crime

    • Script-kiddies (not too sophisticated)

  • Resources/funding

    • Organized Crime

    • Nation-state/APT

Use of open-source intelligence (OSINT)

  • Overt or undisguised

  • Examples:

    • Today the media is a huge source of open-source intelligence

    • Government reports, press conferences

    • Social Media

    • Academic publications

    • Deep Web