Threat Actors

Developed with


Threat Actors
1h 32m

Please note: this course has now been refactored into a learning path, which you can find here.


This is a beginner-level course designed to provide you with an introduction to Information technology security concepts. The course will suit anyone interested in understanding the fundamentals of security concepts from a business and technology perspective.  

Learning Objectives

In this course we will provide:

  • An introduction to the concept of Information Security
  • We will cover the basic concepts that pertain to Information Security
  • We then begin to answer the question - what is information security and why do we need it?
  • We then explore some of the frameworks, controls and activities we can implement to control information security 

Intended Audience

This course is intended for anyone who wants to learn the fundamentals of IT security.


This is a beginner level course where having a basic understanding of computing concepts will be useful 


Please reach out to us at with any questions, comments or feedback. 



Now let’s look at threat actors. First, we have cyber criminals, and obviously they're interested in finance, that's why they get into it, in the long-haul. Otherwise what would be the point?

Then there are politically-motivated hacktivists that have political affiliations of their own, or desires that they'd like to see come about as a result of their actions. So, one example of that would be Anonymous. We’ve got state-sponsored attackers.

Next, we’ve got hackers. Now, they come in a couple of different flavors, you've got makers, you've got coders. Makers make things, coders write code, those are the versions of professional hackers. Then we also have some other folk called script kiddies. Now, script kiddies don’t make the sort of applications that hackers will write for themselves, but they know how to use them. They might not understand all the applications’ capabilities but they know how to use them, and this is where you find your 17 year olds, your 12 year olds, sometimes even your security professionals that are actually just script kiddies. The term “script kiddies” sounds sort of disparaging, doesn’t it, but they're still very, very powerful because they have tools that they can use to do significant things. They simply don’t write the tools themselves, like professional hackers do.

Journalists. They sometimes use hacking techniques for investigative purposes.

Employees, staff or contractors, these are either accidental or deliberate, and may be motivated by money, so an individual acting for personal gain. Or perhaps a disgruntled employee acting out of revenge.

And then finally, we’ve competitors, and competitors will carry out attacks to get what they want.. What do they want? They want your money, they want your documents, they want sensitive information, classified information, so that they can corrupt and change that information so that they can cause embarrassments, so that they can degrade your services and DDoS you to bits. They want to make it unavailable to you, they want to embarrass other organizations, damage reputations, gain political personal advantages for themselves.

Every organization is a potential victim, as we all have something of value or that is worth something to others, mainly data. All organizations connected to the internet should assume they will be the victim of such attacks and they will, every organization gets attacked, every single organization gets attacked daily - it doesn't stop. 

Okay, right. So we've got people-based threats, this could be losing data from a software vulnerability incident, or an accidental leak by staff. Accidental leaks by staff can be a number of things, it could be them using your software in a correct way but your software breaking, but it then it's still their fault because they were using it. It could also be them just not being trained and doing the wrong thing. 

Accidental leaks. Then, it could look like they're a malicious insider but they were just curious and they picked up a USB stick or they were told to do something, or they were socially-engineered to do something. That could also be accidental on their part, because they were duped, it's a breach. Then you've got malicious insiders, those that actually don't like you, but they're inside your organization and they've got access just like these guys, and they've got access and will carry out malicious activities in your network.

Next, we have acts of God: fire, flood, and explosions, etc. most of which are most definitely people-based threats, they can happen for various different reasons.

So, insider threats, they're inside an organization. How can we stop them? If they're accidental, then we can use training for our staff to avoid accidental threats. However, if they're intentional, there’s not really much we can do about that, they're in there to do bad stuff in the first place.

How can we spot these threats and stop them? We can train staff and we audit our systems, and we lock down our systems, thereby only giving people access to what it is that they actually need in order to do their job, which we call least privilege. The principle of least privilege.

About the Author
Learning Paths

Originating from a systems administration/network architecture career, a solid part of his career building networks for educational institutes. With security being a mainstay his implementation he grew a strong passion for everything cyber orientated especially social engineering. The educational experience led to him mentoring young women in IT, helping them to begin a cyber career. He is a recipient of the Cisco global cyber security scholarship. A CCNA Cyber Ops holder and elected for the CCNP Cyber Ops program.

Covered Topics