This document defines and describes different types of attackers and attacks on information security. It identifies hackers, crackers, script kiddies, spies, employees, hacktivists, and cyberterrorists as common attackers with varying levels of skill and motivations. Common attack types include social engineering, buffer overflows, password guessing, man-in-the-middle attacks, and denial of service attacks. Malware threats like viruses, worms, Trojan horses, and spyware are also outlined. The document concludes with descriptions of protection techniques like firewalls and discusses backdoors and rootkits as other access methods.