What Is a Threat Actor?

A threat actor, also known as a malicious actor, is any person or organization that intentionally causes harm in the digital sphere. They exploit weaknesses in computers, networks and systems to carry out disruptive attacks on individuals or organizations.

Most people are familiar with the term “cybercriminal.” It brings to mind thieves behind a ransomware attack, or murky images of personal information laid bare on the dark web. The term “threat actor” includes cybercriminals, but it is much broader. Idealogues such as hacktivists (hacker activists) and terrorists, insiders and even internet trolls are all considered threat actors.

Threat Actor Targets

Most threat actors are indiscriminate in choosing their targets. They look for vulnerabilities to exploit rather than individual people. In fact, mass scammers and automated hackers attack as many systems as possible and spread between networks like an infection.

Some cybercriminals go by the name “big game hunters” or “advanced persistent threats.” They intentionally attack specific high-value targets. They take time to study their target and conduct a specialized attack that is more likely to succeed.

Causes for Concern

No one is safe from becoming a threat actor’s target. Businesses and individuals alike face this risk. In fact, one study from the University of Maryland estimates a cyberattack occurs every 39 seconds.

In addition, threat actors advance just as fast as cybersecurity does. Your company’s malware security software may be up to date, but cybercriminals create new methods of attack every day. However, you can use threat intelligence to make faster, better-informed security decisions that strike back against threat actors.