An adversary or threat actor is the malicious person behind the machine:
- Nation-state hackers – as opposed to a hacker operating in a foreign country, these actors are state-sponsored. Some of them are characterized as Advanced Persistent Threats.
- Cyberterrorists – these can be state-sponsored as well, but are classified according to their targets, e.g. water, power, government infrastructure.
- Legal hackers – generally law enforcement or other government agencies.
- Script kiddies – this derogatory name refers to these actors’ use of pre-built tools or malware to attack targets, often without much knowledge of what they are doing. Some of them can be thrill seekers.
- Hacktivists – these actors act against their targets for political or social reasons.
- Suicide hackers – these actors are insiders at companies who may have been terminated or have resigned, but want to cause damage to their targets.
- White hats, black hats, and grey hats – these are more general terms regarding the reasons for the hacking:
  - White hats are the “good guys,” usually working for the company they operate in.
  - Black hats are the “bad guys,” usually destructive and working out of self-interest.
  - Grey hats are those whose operations are hard to classify.
The threat is the actual method or tool the attacker uses:
- Phishing, spearphishing, vishing, whaling, smishing, watering hole – variations on social engineering tactics
- Malware – these are only a few of the available types of malicious software:
- Rootkits or other exploit kits
- Distributed Denial of Service
- SQL injection, Cross-site Request Forgery – these are attacks on vulnerable websites.
- Man-in-the-middle attack
- DNS attack
- Rogue access point
- Zero-day exploit
- Dumpster diving