Security Encyclopedia

Threat Agent

A Threat Actor or Threat Agent is a party that is responsible for, or attempts to bring about, harm to an organization. Threat actors may be internal, external, or partners in relation to their target, and their motives may vary.

Threat actors can be persons, groups, or entities and they are sometimes referred to as malicious actors. External threat actors are the most common and the most serious since the security incidents they bring about are almost always intentional, which is not the case for all actors. In addition, external threat actors are more inclined to act with malice as apposed to mischief or for “hacktivism”.

The terms threat actor, attacker, or hacker should not be used interchangeably as there are differences. Attackers are persons, groups, or entities attempting to cause damage using whatever tools are at their disposal, including non-technical tactics such as property descriptions to destroy data. Hackers use technology such as vulnerabilities and exploits against their targets.

Example:

“The source of this breach of sensitive communications is as-yet unknown but we suspect that it is the conduct of an external threat actor. Not only is our data being widely shared in a mocking, embarrassing fashion. It is also being circulated with claims of responsibility for it.”