Browse Definitions :
Definition

threat actor

A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security. 

In threat intelligence, actors are generally categorized as external, internal or partner.  With external threat actors, no trust or privilege previously exists, while with internal or partner actors, some level of trust or privilege has previously existed. The actor may be an individual or an organization; the incident could be intentional or accidental and its purpose malicious or benign. 

External actors are the primary concern of threat intelligence services not only because they are the most common, but also because they tend to be the most severe in terms of negative impact. Such threat actors are sometimes categorized as either being commodity or advanced. A commodity threat actor launches a broad-based attack hoping to hit as many targets as possible, while an advanced threat actor targets an organization, often seeking to implement an advanced persistent threat (APT) in order to gain network access and remain undetected for a long time, stealing data at will.

Another type of external threat actor is the hacktivist. Hacktivist groups such as Anonymous use many of the same tools employed by financially-motivated cybercriminals to detect website vulnerabilities and gain unauthorized access or carry out distributed denial-of-service (DDoS) attacks. The motivation of most hacktivists is to gain access to sensitive information that will negatively impact the reputation of an individual, a brand, a company or a government.

Learn more about commodity vs. advanced threat actors:

This was last updated in January 2016

Continue Reading About threat actor

SearchNetworking
SearchSecurity
  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system ...

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's ...

  • SYN flood attack

    A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server.

SearchCIO
  • Lean Six Sigma

    Lean Six Sigma is a data-driven approach to improving efficiency, customer satisfaction and profits.

  • change management

    Change management is a systematic approach to dealing with the transition or transformation of an organization's goals, processes...

  • business transformation

    Business transformation is a term used to describe what happens when a company makes fundamental changes to how it operates.

SearchHRSoftware
SearchCustomerExperience
  • clickstream data (clickstream analytics)

    Clickstream data and clickstream analytics are the processes involved in collecting, analyzing and reporting aggregate data about...

  • neuromarketing

    Neuromarketing is the study of how people's brains respond to advertising and other brand-related messages by scientifically ...

  • contextual marketing

    Contextual marketing is an online marketing strategy model in which people are served with targeted advertising based on their ...

Close