CrowdStrike achieved infamy over the last few days, as it went in one instant from being a company that supplies technologies and services to protect companies from cybersecurity threats to being directly responsible for a massive global tech outage that impacted major banks, hospitals, supermarkets, telcos, media companies and other large enterprises and forced airlines to ground flights.
In cyber security, a threat actor refers to an individual, group, or entity that has the capability and the intent to carry out malicious activities against digital assets, information systems, or networks.
Threat actors vary widely in terms of their motivations, resources, and techniques and can include hackers, cyber-criminal organisations, nation-states state-sponsored entities, hacktivists, insiders, disgruntled employees, or even a competing organisation.
Although the threat landscape is dynamic, and new threat actors and TTPs continually emerge, we have observed some very specific trends in threat actors over the past few years.