Analyze types of threat agents.

Analysis should include, but not be limited to

• script kiddies – unskilled attackers dependent on research and tools from others
• hacktivists – attackers with primary goals of bringing attention to a social or political cause or seeking vengeance for what they consider to be a political or societal wrongdoing
• insiders – employee, vendor, or other individual whose enhanced access facilitates theft, compromise, or damage
• criminal enterprises – organized attackers who target systems for monetary gain
• competitors or rogue corporations – organizations that engage in hacking against competitors with the intention of stealing intellectual property or gaining competitive advantages
• nation-state centric
• nation-state actors (i.e., an opposing cyber force) or ideological militants whose goal is to weaken, disrupt, or destroy the government.

Process/Skill Questions:

Thinking

• What threat does an ideological militant pose?
• What tactics are used by threat agents to commit identity theft and online fraud?

Communication

• What are some of the social causes to which hacktivists bring attention?

Leadership

• How can a leader ensure employees are prepared to handle a cybersecurity crisis?

Management

• How easily could a threat agent gain unauthorized access to your personal information?
• How much skill is needed to create a disruption or to cause damage to individuals? Businesses? Governments?

Teacher Resource:

• Industrial Control System Cyber Emergency Response Team Links to an external site. (ICS-CERT)