DACS 2201 - Threat Actors, Attack Vectors, and Impacts

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/30

flashcard set

Earn XP

Description and Tags

Flashcards covering threat actors classifications, various attack vectors, and the impacts of cyberattacks based on lecture notes.

Last updated 1:40 PM on 5/18/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

31 Terms

1
New cards

Threat actor

An individual or entity responsible for cyber incidents against the technology equipment of enterprises and users.

2
New cards

Black hat hackers

Individuals with high computer skills who violate computer security and may cause damage for personal gain.

3
New cards

White hat hackers

Individuals with high computer skills who take permission to probe an organization's system for weaknesses and report the findings.

4
New cards

Gray hat hackers

Attackers who attempt to break into a system without permission to disclose the results to cause embarrassment and push for action, rather than for personal advantage.

5
New cards

Script kiddies

Individuals who perform attacks using freely available tools because they lack the technical knowledge to create their own.

6
New cards

Hacktivists

Attackers strongly motivated by ideology, principles, or beliefs who aim to make a political statement or push for change.

7
New cards

Insiders

A trusted employee, contractor, or business partner who may cause damage to an organization.

8
New cards

Industrial espionage

A category of threat actor where competitors launch attacks against their opponents.

9
New cards

Criminal syndicates

Groups of hackers, developers, and tech outlaws who collaborate to perform massive crimes such as heists, blackmail, and cyber terrorism.

10
New cards

State actors

Attackers sponsored by governments to launch cyberattacks against enemies, often equipped with state-of-the-art technology.

11
New cards

Advanced Persistent Threat (APT)

The deadliest type of attack, associated with state actors, involving multiyear intrusion campaigns targeting sensitive economic or national security information.

12
New cards

Attack vector

A pathway used by a threat actor to penetrate a system.

13
New cards

Supply chain

A network of vendors, manufacturers, warehouses, and retailers; an attack on its weakest link can propagate to other parts of the network.

14
New cards

Data loss

An impact of an attack where data is destroyed beyond recovery.

15
New cards

Data exfiltration

Stealing data for the purpose of distributing it to other parties, such as selling customer lists to competitors.

16
New cards

Data breach

Stealing data to disclose it without authorization, such as dumping account information on the public internet.

17
New cards

Identity theft

Taking personally identifiable information (PII) to impersonate someone else.

18
New cards

Social engineering

A means of gathering data by relying on the psychological weaknesses of individuals to affect them mentally and emotionally.

19
New cards

Impersonation

A psychological approach where an attacker pretends to be someone else, such as an employee calling IT support.

20
New cards

Phishing

Sending an email to trick a user into providing private information like passwords or bank account numbers.

21
New cards

Spear phishing

A variation of phishing that targets specific users.

22
New cards

Whaling

A phishing attack that targets wealthy individuals or executives in higher positions.

23
New cards

Vishing

A social engineering attack that uses phone calls instead of emails.

24
New cards

Smishing

A social engineering attack that uses texting or short message services (SMS).

25
New cards

Redirection

Directing a user to a fake site that looks like the original to generate profit from traffic and ads.

26
New cards

Spam

Unsolicited email sent to a large number of recipients, usually advertising fake or overpriced products.

27
New cards

Hoax

A false warning, such as a fake malware alert, intended to trick a user into deleting files or changing configurations.

28
New cards

Watering hole

An attack targeting a small group by infecting a common website they frequently visit, such as a supplier website.

29
New cards

Dumpster diving

A physical social engineering approach where an attacker looks through trash to find useful information.

30
New cards

Tailgating

A physical approach where an attacker follows an authorized employee into a building during a gate opening.

31
New cards

Shoulder surfing

Observing someone as they enter secret information, such as a password or an ATM PIN.