Browse Definitions :
Definition

threat actor

A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security. 

In threat intelligence, actors are generally categorized as external, internal or partner.  With external threat actors, no trust or privilege previously exists, while with internal or partner actors, some level of trust or privilege has previously existed. The actor may be an individual or an organization; the incident could be intentional or accidental and its purpose malicious or benign. 

External actors are the primary concern of threat intelligence services not only because they are the most common, but also because they tend to be the most severe in terms of negative impact. Such threat actors are sometimes categorized as either being commodity or advanced. A commodity threat actor launches a broad-based attack hoping to hit as many targets as possible, while an advanced threat actor targets an organization, often seeking to implement an advanced persistent threat (APT) in order to gain network access and remain undetected for a long time, stealing data at will.

Another type of external threat actor is the hacktivist. Hacktivist groups such as Anonymous use many of the same tools employed by financially-motivated cybercriminals to detect website vulnerabilities and gain unauthorized access or carry out distributed denial-of-service (DDoS) attacks. The motivation of most hacktivists is to gain access to sensitive information that will negatively impact the reputation of an individual, a brand, a company or a government.

Learn more about commodity vs. advanced threat actors:

This was last updated in January 2016

Continue Reading About threat actor

Networking
Security
  • PCI DSS 12 requirements

    The PCI DSS 12 requirements are a set of security controls businesses must implement to protect credit card data and comply with ...

  • cardholder data (CD)

    Cardholder data (CD) is any personally identifiable information (PII) associated with a person who has a credit or debit card.

  • PCI DSS merchant levels

    Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per ...

CIO
  • systems thinking

    Systems thinking is a holistic approach to analysis that focuses on the way that a system's constituent parts interrelate and how...

  • corporate social responsibility (CSR)

    Corporate social responsibility (CSR) is a strategy undertaken by companies to not just grow profits, but also to take an active ...

  • knowledge-based systems (KBSes)

    Knowledge-based systems (KBSes) are computer programs that use a centralized repository of data known as a knowledge base to ...

HRSoftware
  • employee engagement

    Employee engagement is the emotional and professional connection an employee feels toward their organization, colleagues and work.

  • talent pool

    A talent pool is a database of job candidates who have the potential to meet an organization's immediate and long-term needs.

  • diversity, equity and inclusion (DEI)

    Diversity, equity and inclusion is a term used to describe policies and programs that promote the representation and ...

Customer Experience
  • customer touchpoint

    A customer touchpoint is any direct or indirect contact a customer has with a brand.

  • customer service charter

    A customer service charter is a document that outlines how an organization promises to work with its customers along with ...

  • sales development representative (SDR)

    A sales development representative (SDR) is an individual who focuses on prospecting, moving and qualifying leads through the ...

Close