An Attacker is an individual, group, organization, or government that executes an attack. Not to be confused with a vulnerability. An attack in the physical world might be someone who jumps out of the bushes to rob you with a knife. Whether you are vulnerable to the threat (the actor holding a knife) depends on whether you have significant martial arts experience. If you are a Black belt in Karate, you might not be vulnerable to the threat. If the threat is a gun instead of a knife, perhaps you become vulnerable.
In the same way, online threats are hacker organizations. They hack with many different tools and methods. Whether you are vulnerable depends upon you and your company’s preparations. Are your systems patched? Do you train and govern your staff on common attack methods so they can be spotted and deleted before causing a problem?
Related Term: Attack, Active Attacker, Exploit. Passive Attacker, Risk, Risk Management, Threat, Vulnerability
Synonym: Threat, Threat Actor
Source: Barnum & Sethi (2006), NIST SP 800-63 Rev 1
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
OAuth tokens don't expire when employees leave, passwords change, or apps go rogue. Your security program needs...
Read more
Most breaches don't start with a hacker in a hoodie cracking code at 3am. They start with your username and a...
Read more
Article Updates: As of May 6th 2026, every major U.S. AI lab, including Google DeepMind, Microsoft, xAI,...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
