What Are Threat Actors?

Sources of Risk


Sources of Risk can include any number of elements, however they can broadly be considered as:

  1. Threat Actors (Criminals, Hackers, etc.)

  2. Hazards (Explosives, Technology, etc.)

Threat Actors

Sources of risk (Threat Actors) can come from a multitude of sources. However, the following broad categories can be a useful framework for analyzing sources of risk in a consistent fashion.


PLEASE NOTE: There is an inherent limitation in seeking to definitively categorize Threat Actors. These individuals and groups often fit into several categories. Examples include an Insider who commits a serious crime being concurrently part of a Serious Organized Criminal (SOC) group, or an Issue Motivated Group (IMG) who demonstrates the behavior of a Petty Criminal etc.




Hazards

Some examples of potential hazards which could be used by Threat Actors.

  • Explosives (e.g. Improvised Explosive Devices)

  • Technology (e.g. Pineapple Tetra)

  • Radio frequency jammer

  • Unsecured microphones and cameras

  • Weapons (e.g. Guns, knives, etc.)

  • Software (e.g. hacking software, ransomware)

  • Hardware (e.g. electronic listening devices, keystroke loggers)

  • Nuclear (e.g. nuclear bombs or material)

  • Biological (e.g. White powder)

  • Radiological (e.g.radioactive ‘dirty bombs’)

  • Chemical weapons

  • Staff incompetence (e.g. inadequate IT security training)

  • Financial instruments (e.g. fraudulent invoices)

©2019 by Julian Talbot