We are under attack and attackers want access to our assets. Assets are anything of value to an organization, such as data and other intellectual property, servers, computers, smartphones, tablets, and more. In this article, we are going to be looking at the differences between a hacker and a threat actor. Follow me as we will look at that together in this article.
To better understand any discussion of network security, it is important to know the following terms:
| Term | Explanation |
|---|---|
| Threat | A potential danger to an asset such as data or the network itself. |
| Vulnerability | A weakness in a system or its design could be exploited by a threat. |
| Attack surface | An attack surface is the total sum of the vulnerabilities in a given system that are accessible to an attacker. The attack surface describes different points where an attacker could get into a system, and where they could get data out of the system. For example, your operating system and web browser could both need security patches. They are each vulnerable to attacks and are exposed on the network or the internet. Together, they create an attack surface that the threat actor can exploit. |
| Exploit | The mechanism that is used to leverage a vulnerability to compromise an asset. Exploits may be remote or local. A remote exploit is one that works over the network without any prior access to the target system. The attacker does not need an account in the end system to exploit the vulnerability. In a local exploit, the threat actor has some type of user or administrative access to the end system. A local exploit does not necessarily mean that the attacker has physical access to the end system. |
| Risk | The likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence. |
Risk management is the process that balances the operational costs of providing protective measures with the gains achieved by protecting the asset. There are four common ways to manage risk, as shown in the table:
| Risk Management Strategy | Explanation |
|---|---|
| Risk acceptance | This is when the cost of risk management options outweighs the cost of the risk itself. The risk is accepted, and no action is taken. |
| Risk avoidance | This means avoiding any exposure to the risk by eliminating the activity or device that presents the risk. By eliminating an activity to avoid risk, any benefits that are possible from the activity are also lost. |
| Risk reduction | This reduces exposure to risk or reducing the impact of risk by taking action to decrease the risk. It is the most commonly used risk mitigation strategy. This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity that is at risk. |
| Risk transfer | Some or all of the risk is transferred to a willing third party such as an insurance company. |
Other commonly used network security terms include:
- Countermeasure – The actions that are taken to protect assets by mitigating a threat or reducing risk.
- Impact – The potential damage to the organization that is caused by the threat.
Note: A local exploit requires inside network access such as a user with an account on the network. A remote exploit does not require an account on the network to exploit that network’s vulnerability.
Hacker vs. Threat Actor
As we know, “hacker” is a common term used to describe a threat actor. However, the term “hacker” has a variety of meanings, as follows:
- A clever programmer capable of developing new programs and coding changes to existing programs to make them more efficient.
- A network professional that uses sophisticated programming skills to ensure that networks are not vulnerable to attack.
- A person who tries to gain unauthorized access to devices on the internet.
- An individual who run programs to prevent or slow network access to a large number of users, or corrupt or wipe out data on servers.
Good or bad, hacking is an important aspect of network security. In this course, the term threat actor is used when referring to those individuals or groups that could be classified as grey or black hat hackers.
Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include the staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training.
I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.
Fact Check Policy
CRMNIGERIA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.
|
