A short-term, easily detected cyberattack.

A sustained attack where a threat actor infiltrates a network and attempts to remain undetected.

A random act of cyber vandalism.

A type of phishing scam targeting individuals.

Individual, unsophisticated hackers.

Well-funded actors, such as organized cybercriminals or hacktivist groups.

Amateur gaming communities.

Everyday internet users.

By guessing common passwords.

By physically breaking into a data center.

By exploiting attack vectors like unpatched vulnerabilities.

By sending out generic spam emails.

To immediately corrupt all data.

To establish persistence, sometimes by deploying a backdoor to maintain long-term access.

To alert the target organization to their presence.

To perform a denial-of-service attack.

Their loud and obvious nature.

Their lack of focus.

Their persistence and precision.

Their dependence on easily detectable tools.

Random targets to maximize chaos.

Highly specific organizations or industries, targeting strategic individuals to gain access to high-value systems and data.

Any available computer on the internet.

Publicly accessible websites.

They immediately reveal themselves.

They move laterally across the network to access more information, carefully evading detection tools.

They only target a single computer.

They demand ransom immediately.