Back to Glossary

Threat Actor

What Is Threat Actor?

A Threat Actor is an individual or group of individuals who are actively engaged in malicious activities, such as cyber-attacks, espionage, or sabotage. Threat Actors can be state-sponsored or independent, and their motivations can range from financial gain to political agendas. They commonly use social engineering and phishing as primary attack vectors.

Description

Threat Actors can be categorized by their motivations, capabilities, and tactics. State-sponsored Threat Actors are typically well-resourced and conduct espionage or sabotage on behalf of their government. Criminal Threat Actors are motivated by financial gain and typically conduct activities such as ransomware attacks or data theft. Hacktivist Threat Actors are motivated by political or ideological goals and typically conduct activities such as website defacement or denial-of-service attacks.

Usage and Examples

Threat Actors can target any organization or individual with valuable data or systems. Examples of Threat Actors include nation-state groups such as APT28 (Fancy Bear) and APT29 (Cozy Bear), criminal organizations such as FIN7 and Evil Corp, and hacktivist groups such as Anonymous. Organizations can protect themselves from Threat Actors by implementing strong security controls, monitoring their networks for suspicious activity, and developing an incident response plan.

Access control

Advanced Persistent Threat

Application Penetration Testing

Attack Surface

Botnet

Business Email Compromise (BEC)

BYOD

CIS Controls

CIS RAM

Cloud computing

Cloud Security

COBIT

Cryptocurrency

Cryptojacking

Cyber Attack

Cyber Maturity Model Certification (CMMC)

Cyber Threat Intelligence

Darknet

Data Breach

Data Loss Prevention

DDoS Attack

Declaration of Conformity

DMZ

Encryption

Endpoint

Endpoint Detection and Response

Ethical Hacking Tools

Firewall

FISMA

Gap analysis

GDPR

Hacker

HIPAA

Hypervisor (VMM)

Identification

Identity Theft

Incident Response

Infrastructure-as-a-Service (IaaS)

Initial Access Brokers

Internal Penetration Testing

Intrusion detection system (IDS)

Intrusion Prevention System (IPS)

ISO 27001

Keyboard logger

Macro virus

Malicious Apps

Malware

Managed Detection and Response (MDR)

MTTD and MTTR

Multi-Factor Authentication (MFA)

Network Firewall

Network Penetration Testing

Network Security

Network Security Assessment

NIST Cybersecurity Framework

Password

Password Cracking

PCI DSS

Penetration Testing

Phishing

Platform-as-a-Service (PaaS)

Privilege Escalation

Proxy server

Ransomware

Ransomware-as-a-Service

Red Team Vs. Blue Team

Risk assessment

Secure Shell (SSH)

Security Control

Security Information and Event management (SIEM)

Security Operations

Security Operations Center (SOC)

Security Orchestration Platform

Security Orchestration Tools

Security Perimeter

Security Policy

Session Hijacking

Shadow IT

Social Engineering

Spear Phishing

Spoofing

Spyware

Static Application Security Testing

Strategic Advisory

Supply Chain Attack

Threat Actor

Threat Hunting

Threat Management

Threat & Vulnerability Management

Trojan Horse

Two-Factor Authentication

UEBA

User Account

Vishing

VPN

Vulnerability Management Tools

Vulnerability Scanning

Whaling

Whitelisting

Wireless Security

Previous term
No previous terms!
Next term
No next terms!

Start Playing Offense to Play Better Defense

Copyright © 2026 Evolve Security. Evolve Security is trademarked in the United States.
312-957-5682
123 N. Waker Dr., Suite: 2125 Chicago, IL 60606
info@evolvesecurity.com
Connect
Contact UsRequest a demo
Services
Services OverviewAI Penetration TestingApplication Penetration TestingCloud Penetration TestingNetwork Penetration TestingEmbedded SystemsRed TeamAdvisory
Platform
Darwin Attack OverviewRisk ScoringAsset & Threat IntelligenceHuman-In-The-LoopDashboards & ReportingPlatform Integrations
Resources
BlogsEventsVideosPodcasts
Company
AboutCareersEvolve AcademyPartner Program
Privacy PolicyTerms of ServiceVulnerability Disclosure PolicyReport Issue
AICPA SOC logo with text 'SOC for Service Organizations | Service Organizations' and website aicpa.org/soc4so.