Understanding Cisco Cybersecurity Operations Fundamentals: Threat Actor Identification

Threat Actor Identification


A company receptionist received a threatening call referencing stealing assets and did not take any action assuming it was a social engineering attempt.

Within 48 hours, multiple assets were breached, affecting the confidentiality of sensitive information.

What is the threat actor in this incident?



Click on the arrows to vote for the correct answer

A. B. C. D.


Based on the scenario provided, the threat actor in this incident is most likely to be the "perpetrators of the attack" (option C).

Here's why:

  • The scenario mentions that the receptionist received a threatening call, which indicates that there was a malicious actor who initiated the call.
  • The threat actor referred to stealing assets, which suggests that the motive behind the attack was to compromise the company's assets.
  • The fact that multiple assets were breached within 48 hours after the threatening call strongly suggests that the call was not a social engineering attempt, but rather a prelude to an actual attack.
  • The breach of sensitive information also indicates that the attack was likely carried out by a skilled and determined threat actor, rather than a casual attacker.

Therefore, the most reasonable conclusion is that the threat actor in this incident was the "perpetrators of the attack" (option C).