Chapter 1 - 02 - Define Threat Actors_Agents - 02_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Exam 212-82 Attributes of Threat Actors Internal © @ Trusted insiders who have permission and authorized access to the organization’s network, systems, and physical resources External Outsiderswho do not have any authorized access to the organization’s network and systemsincluding physical resources Level of sophistication Highly sophisticated threat actorsare more successful in attacksthan less sophisticated threatactors Resources/funding © Determineshow a threatactor supports an attack financially or with the required software and equipment @) Intent/motivation Highly motivatedactorsare more likely to launch an attack; the intent of an attack can be connected to political or personal goals of the attacker Copyright © by EC-{ L All Rights Reserved. Reproduction is Strictly Prohibited Attributes of Threat Actors The complexity of evolving cyber security threats has alerted organizations to the importance of identifying and analyzing the behavior of threat actors. The attributes of threat actors such as their location, intent/motivation, and level of sophistication allows security professionals to analyze their behavior. Internal: Internal actors are trusted insiders who have permission and authorized access to the organization’s network, systems, and physical resources. Internal threat actors include internal employees, any third party associated with the organization, or even business partners in some scenarios. External: External actors are outsiders who do not have authorized access to the organization’s network and systems including physical resources. Such actors use social engineering techniques or malware to enter the target network or systems. Level of sophistication: The sophistication level is a crucial factor determining the risk of a threat actor. Highly sophisticated threat actors are more successful in attacks than less sophisticated threat actors. Resources/funding: This attribute determines the way a threat actor supports an attack financially or with the required software and equipment. Criminal groups and nationstate actors have relatively large budgets and can perform persistent attacks for longer time periods. Intent/motivation: This is a key attribute for the success of an attack. Highly motivated actors are more likely to launch an attack than less motivated actors, who may prepare for an attack but never launch it. The intent of an attack can be connected to political or personal goals of the attacker. Module 01 Page 16 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.