The article I am writing today I had already written a few days ago. However, I made a blunder, and it vanished. Always backup stuff. You save time!

Today I want to talk about classifying cybersecurity threats. Understanding our adversary is very important because it helps us to fight him. As Sun Tzu says:

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained, you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.

Sun Tzu

Internal vs. External

Most of us think that the greatest danger comes from outside. But, a lot of times, it is not valid! The biggest threats can be inside your organization. They are called disgruntled employees who can use their know-how to cause mayhem.

Level of Sophistication/Capability

Threats actors vary in their capabilities and skills. For example, script kiddies might use a well-known cyber tool to cause damage. Some state actors can wait for months to apply their unknown vulnerabilities to hack organizations and individual targets.

Resources/Funding

Threat actors also vary in resources available to them. For example, script kiddie has limited time and energy to harm. On the other hand, state actors can run attacks every day for months.

Intent/Motivation

Some do hacking for the thrill of it, and some do it for political goals. Attacks differ.