Which of the following represents an attack source?
- threat actor
- attack vector
- action on objectives
- host file
A threat actor is anyone posing a threat through malicious activity. Some well-known threat actors globally are:
– APT10 – a Chinese group that has been around since early 2009. Their primary mission seems to be targeting defense contractors around the world.
– Turla – a popular Russian group most known for targeting government agencies around the world.
– Gosya – A popular Russian hacker who has been spotted selling the infamous Nuke Bot.
– Darkhotel – obtained their name from compromising hotel Wifi systems.
– Mr. Po Panda – This actor’s primary focus has been to deface company websites.
– ||JackSparrow|| – This actor is a member of a hacktivist group called Turk Hack. They try to claim themselves as researchers but have been known to conduct website defacements unexpectedly.
A host file is a file on a Windows machine that can contain manual IP address to name mappings.
The attack vector is not the individual. It is the method used by the threat actor. Attack vectors include:
– e-mail attachments
– Web pages
– pop-up windows
– instant messages
– chat rooms
Action on objectives refers to the goal of the hacker. For example, it might be to deliver a ransomware letter.