What term describes an individual or group that attempts to exploit vulnerabilities in a system?

The term "Threat Actor" is commonly used in cybersecurity to refer to individuals or groups who exploit vulnerabilities in systems for malicious purposes. This term encompasses a wide range of entities, including cybercriminals, hackers, and even state-sponsored individuals, highlighting that it can refer to both organized groups and lone actors. The use of "Threat Actor" is significant because it emphasizes the intent and capability to exploit vulnerabilities, making it a key term in risk assessment and threat modeling within cybersecurity frameworks.

Contextually, while terms like "Intruder," "Adversary," and "Attacker" may describe similar entities, they can carry different connotations. An intruder often implies unauthorized access, but it may not necessarily indicate intent to cause harm or exploit vulnerabilities. Adversary could refer more broadly to any opposing force, not solely in the context of cybersecurity. Finally, while an attacker specifically indicates someone actively engaged in malicious activity, "Threat Actor" provides a more comprehensive term that aligns with the broader understanding of threats in the cybersecurity landscape.