# Understand attackers

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Previously, you were introduced to the concept of threat actors. As a reminder, a </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**threat actor**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is any person or group who presents a security risk. In this reading, you’ll learn about different types of threat actors. You will also learn about their motivations, intentions, and how they’ve influenced the security industry.</span>

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Threat actor types</span>

### <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Advanced persistent threats**</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Advanced persistent threats (APTs) have significant expertise accessing an organization's network without authorization. APTs tend to research their targets (e.g., large corporations or government entities) in advance and can remain undetected for an extended period of time. Their intentions and motivations can include:</span>

- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Damaging critical infrastructure, such as the power grid and natural resources</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Gaining access to intellectual property, such as trade secrets or patents</span>

### <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Insider threats**</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Insider threats abuse their authorized access to obtain data that may harm an organization. Their intentions and motivations can include: </span>

- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Sabotage</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Corruption</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Espionage</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Unauthorized data access or leaks </span>

### <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Hacktivists**</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Hacktivists are threat actors that are driven by a political agenda. They abuse digital technology to accomplish their goals, which may include: </span>

- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Demonstrations</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Propaganda</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Social change campaigns</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Fame</span>

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Hacker types</span>

<div id="bkmrk-" style="box-sizing: border-box; -webkit-font-smoothing: antialiased; color: rgb(31, 31, 31); font-family: OpenSans, Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;"><figure contenteditable="false" role="figure" style="box-sizing: border-box; -webkit-font-smoothing: antialiased; display: block; margin: 0px !important;">![Six hackers on computers.](https://d3c33hcgiwev3.cloudfront.net/imageAssetProxy.v1/OHc71ylUQoWnWRkgeKXEgw_2c16d4ed0420478c938c9af9257ccff1_image1.png?expiry=1685664000000&hmac=f7UEspBi7F2rJozrONL1GrcsD764Mzk8IeKbEdjhhOQ)</figure></div><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> **hacker** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">is any person who uses computers to gain access to computer systems, networks, or data. They can be beginner or advanced technology professionals who use their skills for a variety of reasons. There are three main categories of hackers:</span>

- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Authorized hackers are also called ethical hackers. They follow a code of ethics and adhere to the law to conduct organizational risk evaluations. They are motivated to safeguard people and organizations from malicious threat actors.</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Semi-authorized hackers are considered researchers. They search for vulnerabilities but don’t take advantage of the vulnerabilities they find.</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Unauthorized hackers are also called unethical hackers. They are malicious threat actors who do not follow or respect the law. Their goal is to collect and sell confidential data for financial gain. </span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Note:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">There are multiple hacker types that fall into one or more of these three categories.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">New and unskilled threat actors have various goals, including: </span>

- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">To learn and enhance their hacking skills</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">To seek revenge</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">To exploit security weaknesses by using existing malware, programming scripts, and other tactics </span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Other types of hackers are not motivated by any particular agenda other than completing the job they were contracted to do. These types of hackers can be considered unethical or ethical hackers. They have been known to work on both illegal and legal tasks for pay.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">There are also hackers who consider themselves vigilantes. Their main goal is to protect the world from unethical hackers.</span>

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Key takeaways</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Threat actors and hackers are technically skilled individuals. Understanding their motivations and intentions will help you be better prepared to protect your organization and the people it serves from malicious attacks carried out by some of these individuals and groups. </span>

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Resources for more information</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">To learn more about how security teams work to keep organizations and people safe, explore the </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">[Hacking Google <svg aria-labelledby="cds-react-aria-43-title" class="css-6zc608" fill="none" focusable="false" height="16" id="bkmrk--1" role="img" viewbox="0 0 16 16" width="16"></svg>](https://www.youtube.com/playlist?list=PL590L5WQmH8dsxxz7ooJAgmijwOz0lh2H)</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">series of videos.</span>