An adversary or threat actor is the malicious person behind the machine:
- Nation-state hackers – as opposed to a hacker operating in a foreign country, these actors are state-sponsored. Some of them are characterized as Advanced Persistent Threats.
- Cyberterrorists – these can be state-sponsored as well, but are classified according to their targets, e.g. water, power, government infrastructure.
- Legal hackers – generally law enforcement or other government agencies.
- Script kiddies – this derogatory name refers to these actors’ use of pre-built tools or malware to attack targets, often without much knowledge of what they are doing. Some of them can be thrill seekers.
- Hacktivists – these actors act against their targets for political or social reasons.
- Suicide hackers – these actors are insiders at companies who may have been terminated or resigned, but want to cause damage to their targets.
- White hats, black hats, and grey hats – these are more general terms regarding the reasons for the hacking:
White hats are the “good guys,” usually working for a company that they operate in.
Black hats are the “bad guys,” usually working for self-interest and destructive.
Grey hats are those whom it is hard to classify in their operations.
The threat is the actual method or tool the attacker uses:
- Phishing, spearphishing, vishing, whaling, smishing, watering hole – variations on social engineering tactics
- Malware – these are only a few of the available malicious software:
- Rootkits or other exploit kits
- Distributed Denial of Service
- SQL injection, Cross-site Request Forgery – these are attacks on vulnerable websites.
- Man-in-the-middle attack
- DNS attack
- Rogue access point
- Zero-day exploit
- Dumpster diving
Tech Kahunas knows the needs of SMBs and organizations.
We’ll stay on top of the threats.
We’ll watch your data.
We’ll review your risks.
We’ve got years of this.