Threat Actors, Vectors and Intelligence Sources - Coggle Diagram
Threat Actors,
Vectors and Intelligence Sources
Become familiar with
the different types of threat actors
Become familiar with
Vectors and types of
intelligence sources
Threat Actor
IS
a person or
group behind a threat/attack
Understanding different actor types
helps an organization to protect
itself
Different businesses
have different threats
Attackers
Also called
Threat Actors
Threat Actors
use Vectors
Vectors are where
vulnerabilities are located
Vectors
As in Attack Vector
space or Vector space
Networking
Wireless Connection
e.g. Rogue AP
Internet
Applications
Email and
Cloud platforms
Devices
Equipment
that doesn't function
correctly
Unexpected
behaviour
can be exploited,
exposes vulnerabilities
Can be Stolen or lost
Attacker now
has access to devices
Supply Chain
uses and sells devices
devices have their
own attack vectors
(circular)
Network
Internet
user behaviour
EX
Cameras,
smart devices etc
user Behaviour
bad usage
or incorrect usage
causes
unpredictable
behaviour in system
Threat Actor Attributes
Understanding threat
actors helps organizations
make better threat profiles
Exam Alert:
Knowing the relationship
will help with assessment of
threat actors
Leads to better
and informed protection/defence
for system
Things to
look out for when assessing
potential attackers
Typical Attributes
Reason to
attack
Motivation
Could be based
on relationship
Political (Ideological)
or Financial
Soured relationship
or accidental incident
Capabilities
Available attack
resources
Depends on the
type of threat actor
Different actors
have different amounts of resources
Types of Attackers
Threat Actor Types
Depends on Motivation
behind threat
Rivalry
Competitors
Interested in gaining
competitive edge
Information like Intellectual
property, Trade secrets
Political
Nation State
Targets
foreign companies
IS
sophisticated,
with a lot of resources
Government Sponsored,
hence the resources
Mischievousness
Script Kiddies
Not skilful and
don't know how to code.
Rely on other people's tools.
Don't know how to
cover tracks
Dangerous because
unaware of consequences
or effects of what they do
Ignorance
Employee
May be unaware of
security policies
Inserting infected personal USB
into work laptop
EX
emailing
sensitive files to
their personal email
Soured Relationship
Malicious Insider
EX
Disgruntled employee
Social Issue
Hacktivists
Vigilantes
Animal Rights
EX
Anonymous
Financial
Criminal
Group
Criminals tend
to follow the money
Sophisticated
with large financial
backing
Hackers
Black hat
(Unauthorized)
Involved in Criminal
activity.
Has malicious intent
White hat
(Authorized)
Aka Ethical hacker
Use knowledge for good.
Work as pen testers
Grey Hat
(Semi Authorized)
In between white and black
Difficult to define these types.
Typically don't follow all ethical
standards
Usually don't have
malicious intent
Some of these types
can be related.
Nation state may use
script kiddie
Attacking threats
give us data
We gain
Intelligence
Threat Intelligence
Data is used for
security, defence,
prevention etc
EX
SOC analysts
Companies provide
their data
Indirect Source of
intelligence/
2nd Hand Intelligence
Closed or Proprietary
sources
commercial sources
Different sectors
share
intelligence with others
Sharing Centers
Information Sharing and Analysis Centers
(ISAC)
Information Sharing and Analysis Organisation
(ISAO)
OSINT
(Open source
Intelligence)
Vulnerability Databases
Common
Vulnerabilities
and Exposures
Find details directly
Dark Web
More info on
tactics, attack methods and
threat actors
attack.mitre.org
Indications or Evidence
of a breach
Known as Indicators of
Compromise (IOCs)
Formatting/Standards for
intelligence
Simplifies the data
and makes it easier to share
Originates
from Attack.mitre project
Visual threat
representation
Threat Maps
Developers share
Code repositories
Social media