With cybersecurity, an actor, malicious actor, or threat actor is anyone capable of affecting your computer or network security.
Types of threat actors
When describing a threat actor, they'll fall into one of the following four categories.
A cybercriminal is an individual or group who participates in a computer crime against a person or company for financial reasons. For example, a cybercriminal may attack a company, infect its software with ransomware, and hold their data hostage until a certain sum is paid.
An insider threat is a person employed by a company or who was employed by a company that they attack. For example, an insider may steal and distribute company-sensitive information to a competitor, which could include security-related information.
An insider isn't specific to only a company. If you share your computer, smartphone, or other devices with a spouse, child, or anyone else, they can also intentionally or unintentionally be an insider threat.
A hacktivist participating in hacktivism is another type of threat actor. For example, a hacktivist may not agree with your political views and perform a DoS attack against your home or work computer.
A nation-state is a country that targets its own or other nations' citizens or institutions to spy on them, steal data, or damage the economy. For example, a nation-state may install malware on a journalist's smartphone to spy on them or find out about informants.