Threat actors and definitions

- [Instructor] In previous videos we covered what a hacker is, including the various types, and now we are going to get more in depth about various threat actors and what they mean. Let's start with defining what a cyber criminal is. Similar to regular run of the mill criminals you see in the movies or on TV, cyber criminals are not much different, except for their method of committing the crime. Cyber criminals still commit crimes, they just do it via digital means such as computers, mobile devices and the internet. They may steal personal and/or company data as a way to turn a profit or even exploit individuals or companies. Cyber criminals are not who you want to welcome into your networks or devices, though they are very good at finding and forcing their way in. You can't turn on the news nowadays without hearing of the latest data breach caused by these individuals or groups. A data breach as defined by Trend Micro, is an incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner. A small company or large organization may suffer a data breach. Stolen data may involve sensitive, proprietary or confidential information, such as credit card numbers, customer data, trade secrets, or even matters of national security. So just how do these cyber criminals get into a network and breach data? Unfortunately, there are a number of ways, but one we will define here is via an exploit. An exploit is when there is a digital flaw or vulnerability that a cyber criminal has discovered and they are able to leverage said flaw or vulnerability to gain unwanted access to networks, systems, software, and more. Think of it like a criminal going door to door until they're able to find a broken lock or an open window that allows them to go inside and gain access to things that they want to take, while cyber criminals usually don't reside within the company, there are other threats to consider that do. The term for this is insider threat, which is when someone within the company or organization has access to private or confidential information, and they share this information both willingly and unwillingly with threat actors. The reason it can be unwillingly is if the insider accidentally divulges information or access to information without even realizing. A way to circumvent accidental data leakage is through various processes, technologies and even training. The other side of insider threat is when it is conducted willingly and with intention. There are very things that may motivate someone to turn on a company or organization in such a way they would share a secret or confidential information, including but not limited to personal injustices related to pay, performance or even leadership. There are even instances where individuals may be approached and incentivized to divulge this information from someone outside of the organization that could use it for personal gain. Similar to the concept of a mole, an insider threat can wreak havoc on your company environment.