Cybersecurity Fundamentals

Cyber Threat Landscape

50 min

Understanding Cyber Threats

A cyber threat is any malicious act that seeks to damage data, steal data, or disrupt digital life. Understanding threat types is essential for building effective defenses.

Threat Actors & Their Motivations

THREAT ACTOR TAXONOMY

  • Script Kiddies — Low skill, use existing tools; motivated by fame
  • Hacktivists — Ideological/political motivation
  • Cybercriminals — Financial gain (ransomware, fraud)
  • Insider Threats — Current/former employees
  • Nation-State APT — Espionage, sabotage, warfare
  • Cyber Terrorists — Mass disruption, fear

Major Malware Categories

  • Virus — Self-replicating code that attaches to legitimate programs
  • Worm — Self-propagating across networks without user interaction
  • Trojan Horse — Malicious code disguised as legitimate software
  • Ransomware — Encrypts victim files; demands ransom (Bitcoin) for decryption key
  • Spyware — Covertly monitors and transmits user activity
  • Rootkit — Hides malware presence, provides persistent privileged access
  • Botnet — Network of infected machines controlled by command-and-control (C2) server
  • Keylogger — Records keystrokes to capture passwords and sensitive data

Social Engineering Attacks

Social engineering exploits human psychology rather than technical vulnerabilities. It is the leading cause of security breaches:

  • Phishing — Mass fraudulent emails impersonating trusted entities
  • Spear Phishing — Targeted phishing tailored to a specific individual
  • Whaling — Spear phishing targeting C-suite executives
  • Vishing — Voice/phone-based social engineering
  • Smishing — SMS-based phishing
  • Pretexting — Creating a fabricated scenario to extract information
  • Baiting — Leaving infected USB drives in public places

Advanced Persistent Threats (APTs)

APTs are sophisticated, long-term attacks typically conducted by nation-states or well-funded criminal groups. They follow the Kill Chain:

APT KILL CHAIN (Lockheed Martin Model)

  1. Reconnaissance — Target research, OSINT gathering
  2. Weaponization — Create exploit + payload (e.g., malicious PDF)
  3. Delivery — Send via email, web, USB
  4. Exploitation — Trigger vulnerability to execute code
  5. Installation — Deploy persistent backdoor/RAT
  6. C2 — Establish command-and-control channel
  7. Actions on Objectives — Data exfiltration, sabotage, lateral movement
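As an added example (not part of the course material), the following Python script uses the seven-phase model from the defender's side: it maps a constructed alert timeline for one host onto the kill-chain phases to show how far an intrusion progressed, and lists the phases for which the SOC has no detection at all. The alert names and the ALERT_PHASE mapping are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime

# The seven Lockheed Martin Cyber Kill Chain phases, in attack order.
KILL_CHAIN = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command and Control", "Actions on Objectives",
]

# Hypothetical mapping from a SOC's alert types to kill-chain phases;
# alert names are constructed for this example, not any vendor's schema.
ALERT_PHASE = {
    "external_port_scan": "Reconnaissance",
    "phishing_email_delivered": "Delivery",
    "office_macro_spawned_shell": "Exploitation",
    "new_run_key_persistence": "Installation",
    "periodic_dns_beacon": "Command and Control",
    "bulk_outbound_transfer": "Actions on Objectives",
}

@dataclass
class Alert:
    ts: datetime
    host: str
    kind: str

def intrusion_progress(alerts):
    """Return (furthest phase reached, phases seen in chain order) for one host."""
    # Unmapped alert kinds are ignored; an empty timeline yields (None, []).
    seen = {ALERT_PHASE[a.kind] for a in alerts if a.kind in ALERT_PHASE}
    reached = [p for p in KILL_CHAIN if p in seen]
    return (reached[-1] if reached else None, reached)

def coverage_gaps(alert_catalog):
    """Phases with no detection at all, i.e. where an APT could pass unobserved."""
    # Weaponization normally appears here: it happens on the attacker's side,
    # before Delivery, so the defender's own telemetry never sees it.
    covered = {ALERT_PHASE[k] for k in alert_catalog if k in ALERT_PHASE}
    return [p for p in KILL_CHAIN if p not in covered]

# Constructed sample timeline for a single workstation.
SAMPLE_ALERTS = [
    Alert(datetime(2024, 3, 1, 9, 2), "ws-17", "phishing_email_delivered"),
    Alert(datetime(2024, 3, 1, 9, 5), "ws-17", "office_macro_spawned_shell"),
    Alert(datetime(2024, 3, 1, 9, 6), "ws-17", "new_run_key_persistence"),
    Alert(datetime(2024, 3, 1, 9, 20), "ws-17", "periodic_dns_beacon"),
    Alert(datetime(2024, 3, 1, 9, 21), "ws-17", "unrelated_av_heuristic"),
]
```

On the sample timeline the host has reached Command and Control with no Actions on Objectives alert yet, which is the last point at which containment still prevents data loss.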

⚡ Real World

Notable APT Groups: APT28 (Fancy Bear — Russia), APT41 (China), Lazarus Group (North Korea). These groups conduct espionage campaigns lasting months to years before detection.
