A disgruntled employee with access to sensitive systems intentionally deletes key files, causing disruption to business operations. Which type of threat actor does this scenario describe?

The scenario describes an insider threat because it involves a current employee who has authorized access to sensitive systems and takes malicious action against the organization. Insider threats are particularly concerning because these individuals already possess the necessary knowledge and access to exploit vulnerabilities within the system, making their actions difficult to detect until damage has occurred. In this case, the disgruntled employee deliberately deletes key files, indicating their intention to disrupt operations from within the organization.

In contrast, hacktivists typically engage in cyber activities driven by political or social motives rather than personal grievances against their employers. Organized crime often involves more structured and collaborative groups focused on financial gain rather than individual actions arising from personal discontent. Competitors might engage in espionage or sabotage but wouldn't do so from within the organization or by utilizing legitimate access to systems. Thus, the defining factors of intentional harm by someone with internal access clearly align this scenario with an insider threat.