Identification should include, but not be limited to
- script kiddies
- unskilled attackers who do not have the ability to discover new vulnerabilities or write exploit code and are dependent on the research and tools from others. Their goal is achievement. Their subgoals are to gain access and deface web pages.
- hacktivists
- attackers with primary goals of bringing attention to a social or political cause or seeking vengeance for what they consider to be a political or societal wrongdoing; skills of hacktivists can range from script kiddies to professional and/or sophisticated hackers.
- malicious insiders
- a disgruntled organization insider is a principal source of computer crime. Insiders may not need a great deal of knowledge about computer intrusions because their knowledge of a target system often allows them to gain unrestricted access to cause damage to the system or to steal system data. The insider threat also includes outsourcing vendors as well as employees who accidentally introduce malware into systems.
- criminal enterprises
- attackers target systems for monetary gain. Specifically, organized crime groups are using spam, phishing, and spyware/malware to commit identity theft and online fraud. International corporate spies and organized crime organizations also pose a threat to the United States through their ability to conduct industrial espionage and large-scale monetary theft and to hire or develop hacker talent.
- competitors or rogue corporations
- an organization that engages in hacking against competitors with the intention of stealing intellectual property or gaining financial competitive advantages.
- nation-state sponsored
- the goal is to weaken, disrupt, or destroy the United States. Their subgoals include espionage for attack purposes, espionage for technology advancement, disruption of infrastructure to attack the U.S. economy, full scale attack of the infrastructure when attacked by the United States to damage the ability of the United States to continue its attacks.
- ideological militants.
Teacher Resources:
Process/Skill Questions:
- What is a threat agent?
- What are different types of threat agents?
- How are these threat agents able to initiate an attack?