Quiz Entry - updated: 2026.07.05
What are the main categories of threat actors in information security?
Threat actors range from frustrated insiders to intelligence agencies — anyone with motive and opportunity to misuse information.
Key threat actor categories:
- Frustrated employees — The #1 insider threat. Disgruntled staff with legitimate access can cause massive damage
- Intelligence agencies (e.g., Echelon, Onyx) — State-sponsored surveillance and espionage programs
- Industrial espionage — Competitors stealing trade secrets, R&D data, or client lists
- Hackers/Crackers — External attackers exploiting technical vulnerabilities
- Whistleblowers — Insiders leaking information they believe the public should see (e.g., Edward Snowden)
- Software developers — Can intentionally embed backdoors in code
- External contractors — Third-party staff with access but less loyalty/oversight
- System administrators — Have privileged access to virtually everything
Key insight: The biggest threats often come from inside the organization, not outside. Studies consistently show that insider threats account for a significant portion of security incidents.
Go deeper:
Threat actor (Wikipedia EN) — how attackers are categorised by motive, capability, and intent.
Insider threat (Wikipedia EN) — why people with legitimate access are so hard to defend against.