1. Friendly Tip: Please take notes to better remember concepts
In this video we will learn about Types of Threat Actors and Attack Vectors
Core Cyber Security Concepts
2. Threat
Threats can lead to attacks. A threat is the act of an attacker/actor. Threats are something that may or may not happen, but they have the potential to cause serious damage and they should be taken seriously, regardless of the source.
3. Threat Actors:
We'll be discussing the various types of threat actors, which are categorized as follows:
Script Kiddies
A script kiddie is a relatively unskilled person who uses scripts or programs developed by others to attack computer systems and networks and deface websites. They know how to use these tools, but not necessarily how they work.
4. Hacktivist
Hacktivism is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. Hacktivists target government or business organizations and leak data or deface websites for a cause they believe in.
5. Insider Threats
When it comes to Cyber Security, more often than not, humans are considered the weakest link. In big businesses, corporate espionage is a very real possibility and it's important to ensure that necessary safeguards are in place to prevent someone inside the organization from stealing data or sabotaging the IT infrastructure.
6. Competitors
A rogue organization might engage in cyber attacks and inflict damage on a rival organization by stealing sensitive data or disrupting/sabotaging its operations in hopes of gaining an advantage.
7. APT - Advanced Persistent Threat Groups
Simply put, APT groups are very dangerous. An example of APT groups is state-sponsored hackers researching and targeting rival governments; sometimes business organizations get caught in the crossfire.
8. Attributes of Threat Actors
Threat analysis can be explained as the process of discovering the attributes of a threat. When conducting threat analysis, you should focus on finding out the threat actor's:
Location - external threat actor or insider?
Intent or Motivation to carry out the attack - accidental or intentional? For profit/ideals?
Capabilities of the Threat Actor - script kiddie or APT?
9. Vulnerability
Vulnerability refers to a flaw in the system. It's a flaw that can be taken advantage of by attackers. Vulnerabilities leave the system/network open to attacks.
10. Risk
Risk can be explained as the potential of damage being caused to an asset (network & IT infrastructure). It's the exploitation of a security flaw/weakness by threat agents.
11. Hackers
A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system, by non-standard means.
13. Types of Hackers
A script kiddie is a relatively unskilled person who uses scripts or programs developed by others to attack computer systems and networks.
Hacktivists target government or business organizations and leak data or deface websites for a cause they believe in.
14. Attack Vectors
An attack vector can be explained as the path taken/tried by an attacker to gain access to and compromise a secure system/network. Gaining access allows/enables the attacker to execute malicious code.
15. Types of Attack Vectors:
Direct Access
This type of attack is physical in nature: the threat actor could take advantage of an unsecured workstation on site and attempt/try to install malicious code or steal the device itself.
Removable Media
The threat agent tries to conceal malware on a USB device/memory card and uses it to compromise the workstation.
16. Email
The attacker tries to send a malicious file via email in hopes that it'll be downloaded on the target system.
Supply chain
Instead of directly attacking the target, the attacker infiltrates it through the target's supply chain. If an accounting firm were to acquire hardware from a low-tier hardware supplier, the attacker might try infecting the hardware with malicious code, which will be delivered to the target accounting firm.
17. Remote & Wireless
In this mode of attack, the attacker either obtains credentials for gaining remote access to the network or finds an alternative way to get past the security protocols.
Cloud Computing
A fair number of organizations are utilizing internet-connected clouds, and attackers might target these services to gain access to the network.
18. Web and Social Media Platforms
The attacker can disguise the virus in files and attach it to posts, which can be presented as a download to the target. Upon the target downloading the malicious file, the attacker gains access.