📚 Threat Types Explained 🚨
Brief Overview
This note covering information security was created from the Free CompTIA Security+
(SY0-701) Module 2 - Threat Types video.
The content examines threat actors, vulnerabilities, and security strategies through
theoretical analysis and practical examples.
Key Concepts
Vulnerability and its impact on system defenses
Understanding Threat Actors in practice
Exploit techniques for problem solving
Key Terms 🔑
Vulnerability – A weakness in an information system, security procedures, internal
controls, or implementation that could be exploited or triggered by a threat source.
Exploit – A method used to take advantage of a vulnerability in order to gain
unauthorized access or cause the system to perform an action desired by the attacker.
Threat – A malicious act intended to steal, cause harm, disrupt services, or produce
any other undesirable outcome for an organization.
Threat Actor – An individual, group, or entity that carries out a threat, either
intentionally or unintentionally.
Threat Actor Attributes 📊
Attribute Description Example Considerations
Internal vs. External Internal actors are people Employees, contractors vs.
within the organization; nation‑states, hacktivists.
, external actors are anyone
outside it.
Capability / Skills Approximate level of Script‑kiddie vs. advanced
technical knowledge, tools, persistent threat (APT)
and experience. team.
Resources Non‑financial assets such Access to botnets,
as computing power, time, dedicated servers, or a
and collaborative coordinated attack team.
expertise.
Funding Monetary support that can State‑backed budgets,
accelerate acquisition of cyber‑crime rackets, or
tools or services. self‑funded hobbyists.
Motivation Underlying reason driving • Malice – personal
the actor; can overcome vendetta or
other limitations. disgruntlement. <br>•
Chaos – desire to “watch
the world burn.” <br>•
Financial – profit from
theft or ransomware. <br>•
Political – advance
ideological or geopolitical
goals.
Types of Threat Actors 🎭
Lone Wolf 🐺
Operates independently, not as part of a larger group.
Popularized by movies/TV shows but rare in reality.
Usually possesses a single set of skills; more common for black‑ or gray‑hat
activities than for white‑hat work.
Hacker Shades 🎩
Hat Primary Permission Typical Constraints
Motivation Activities
, Black Hat Criminal or None Exploits No limits;
malicious gain (unauthorized) vulnerabilities seeks to cover
for theft, tracks.
disruption, or
espionage
White Hat Security Full Conducts Bound by Rules
(Ethical) improvement permission penetration of Engagement
from system testing, and defined
owner vulnerability scope of work.
assessments
Gray Hat Mixed motives None May breach a Operates in a
(e.g., curiosity, (unauthorized) system, then moral gray
notoriety) inform the area; actions
organization can be both
without helpful and
causing harmful.
damage
Additional Notes on Hacker Shades
White‑hat work results in a formal report to the client, outlining findings and
remediation steps.
Black‑hat attackers aim to remain undetected and rarely provide any follow‑up
communication.
Gray‑hat actors sometimes disclose findings (e.g., via email) after an
unauthorized intrusion, blurring ethical lines.
Prioritizing Threat Actors 📈
Organizations should profile likely threat actors by assigning the attributes
above.
Focus on more probable actors (e.g., internal users with high access,
well‑funded external groups).
Regularly reassess profiles as capability, resources, or motivation evolve.
🧑💻 Lone Wolf Threat Actor
Definition: An individual attacker operating alone, typically with limited resources and
personal motivation.
Brief Overview
This note covering information security was created from the Free CompTIA Security+
(SY0-701) Module 2 - Threat Types video.
The content examines threat actors, vulnerabilities, and security strategies through
theoretical analysis and practical examples.
Key Concepts
Vulnerability and its impact on system defenses
Understanding Threat Actors in practice
Exploit techniques for problem solving
Key Terms 🔑
Vulnerability – A weakness in an information system, security procedures, internal
controls, or implementation that could be exploited or triggered by a threat source.
Exploit – A method used to take advantage of a vulnerability in order to gain
unauthorized access or cause the system to perform an action desired by the attacker.
Threat – A malicious act intended to steal, cause harm, disrupt services, or produce
any other undesirable outcome for an organization.
Threat Actor – An individual, group, or entity that carries out a threat, either
intentionally or unintentionally.
Threat Actor Attributes 📊
Attribute Description Example Considerations
Internal vs. External Internal actors are people Employees, contractors vs.
within the organization; nation‑states, hacktivists.
, external actors are anyone
outside it.
Capability / Skills Approximate level of Script‑kiddie vs. advanced
technical knowledge, tools, persistent threat (APT)
and experience. team.
Resources Non‑financial assets such Access to botnets,
as computing power, time, dedicated servers, or a
and collaborative coordinated attack team.
expertise.
Funding Monetary support that can State‑backed budgets,
accelerate acquisition of cyber‑crime rackets, or
tools or services. self‑funded hobbyists.
Motivation Underlying reason driving • Malice – personal
the actor; can overcome vendetta or
other limitations. disgruntlement. <br>•
Chaos – desire to “watch
the world burn.” <br>•
Financial – profit from
theft or ransomware. <br>•
Political – advance
ideological or geopolitical
goals.
Types of Threat Actors 🎭
Lone Wolf 🐺
Operates independently, not as part of a larger group.
Popularized by movies/TV shows but rare in reality.
Usually possesses a single set of skills; more common for black‑ or gray‑hat
activities than for white‑hat work.
Hacker Shades 🎩
Hat Primary Permission Typical Constraints
Motivation Activities
, Black Hat Criminal or None Exploits No limits;
malicious gain (unauthorized) vulnerabilities seeks to cover
for theft, tracks.
disruption, or
espionage
White Hat Security Full Conducts Bound by Rules
(Ethical) improvement permission penetration of Engagement
from system testing, and defined
owner vulnerability scope of work.
assessments
Gray Hat Mixed motives None May breach a Operates in a
(e.g., curiosity, (unauthorized) system, then moral gray
notoriety) inform the area; actions
organization can be both
without helpful and
causing harmful.
damage
Additional Notes on Hacker Shades
White‑hat work results in a formal report to the client, outlining findings and
remediation steps.
Black‑hat attackers aim to remain undetected and rarely provide any follow‑up
communication.
Gray‑hat actors sometimes disclose findings (e.g., via email) after an
unauthorized intrusion, blurring ethical lines.
Prioritizing Threat Actors 📈
Organizations should profile likely threat actors by assigning the attributes
above.
Focus on more probable actors (e.g., internal users with high access,
well‑funded external groups).
Regularly reassess profiles as capability, resources, or motivation evolve.
🧑💻 Lone Wolf Threat Actor
Definition: An individual attacker operating alone, typically with limited resources and
personal motivation.
