1. A hospital's internal network was accessed using a phishing email sent to the receptionist. The attacker didn't demand ransom but exfiltrated patient records and sold them on the dark web. What type of threat actor is most likely behind this attack?
2. A group launched a DDoS attack on a national government’s web services, protesting a new surveillance law. They used social media to gain support and shared their actions publicly. Who is most likely responsible?
3. An employee at a fintech company leaked customer financial data to a rival company after being denied a promotion. No external breach was found. Which type of threat actor fits this scenario?
4. A well-resourced group carried out a silent, long-term espionage campaign, targeting defense contractors. The attackers left almost no traces and used custom malware and zero-days. What is the most likely type of threat actor?
5. A teenager runs automated tools downloaded from the internet to deface random websites and brag online. No financial or political motivation is observed. What kind of threat actor is this?