Threat Actor
A threat actor is any individual, group, or organization that conducts malicious cyber activity. Threat actors are classified by motivation (financial, espionage, hacktivism), capability (nation-state, organized crime, script kiddie), and targeting patterns. Attribution helps predict future attack patterns.
Frequently Asked Questions
What is Threat Actor?
A threat actor is any individual, group, or organization that conducts malicious cyber activity. Threat actors are classified by motivation (financial, espionage, hacktivism), capability (nation-state, organized crime, script kiddie), and targeting patterns. Attribution helps predict future attack patterns.
How is Threat Actor related to TTP (Tactics, Techniques, and Procedures)?
Threat Actor and TTP (Tactics, Techniques, and Procedures) are both key concepts in threat intelligence. TTPs describe the behavior of threat actors: the high-level goals they pursue (tactics), the specific methods they use to achieve those goals (techniques), and the detailed, repeatable actions that implement those methods (procedures). The MITRE ATT&CK framework catalogues TTPs used by real adversaries.