[1] The term is typically used to describe individuals or groups that perform malicious acts against a person or an organization of any type or size.
Threat actors engage in cyber related offenses to exploit open vulnerabilities and disrupt operations.
[2] Since the dawn of cyberspace, individual, group, and nation-state threat actors have engaged in cyber related offenses to exploit victim vulnerabilities.
[3] Mass scammers and automated hackers include cyber criminals who attacks a system to gain monetary success.
[2] Criminal infrastructure providers are a group of threat actors that aim to use tools to infect a computer system of an organization.
[2] Big game hunters are another sub-group of cyber criminals that aim to attack one single, but high-value target.
Nation-state actors can be interested in a number of sectors, including nuclear, financial, and technology information.
Nation states are considered an incredibly large group of threat actors in the cyber realm.
[2] Hacktivists typically are individuals or entities that are ready to commit cyber crimes to further their own beliefs and ideologues.
[3] Many hactivists include anti-capitalists or anti-corporate idealists and their attacks are inspired by similar political and social issues.
Hacktivists are willing to break security laws to spread their message while terrorists aim to cause terror to achieve their goals.
[2] A thrill seeker is a type of threat actor that attacks a system for the sole purpose of experimentation.
Similar to thrill seekers, a troll is a type of person or group that attacks a system for recreation.
Organizations can try to gain a stronger knowledge of business intelligence to protect themselves against a competition threat actor.
[6] NIST typically classifies cyber threat actors as national governments, terrorists, organized crime groups, hactivists, and hackers.
[3][9] This report has identified the following threat actors: nation-states, cyber criminals, hactivists, terrorist groups, thrill seekers, and insiders.
[10] Japan - National Center of Incident Readiness and Strategy (NISC) The Japanese government's National Center of Incident Readiness and Strategy (NISC) was established in 2015 to create a "free, fair and secure cyberspace" in Japan.
It publishes a report on detected threat trends annually, containing results from their customers sensor systems.
This could be the external “bad guy” who launches a phishing campaign or an employee who leaves sensitive documents in their seat back pocket".
Threat actors conduct a DoS attack by overwhelming a network with false requests to disrupt operations.