Which group is included among common AI threat actors?

In AI security, the main threat actors come from groups that have both motive and access to disrupt or misuse AI systems. Insider threats are people inside an organization who already have legitimate access to data or models and may abuse that access. Nation-states pursue strategic advantages, espionage, or influence operations by deploying AI capabilities. Cybercriminals use AI to carry out fraud, ransomware, and other attacks more effectively or to produce convincing deepfakes. AI developers themselves can pose risk because those who design or train models might introduce backdoors, data leaks, or other vulnerabilities either intentionally or through insecure practices. These groups are highlighted because they combine the specific access, capabilities, and incentives that enable AI-related harm. By contrast, educators, medical professionals, and blockchain miners aren’t typically recognized as common AI threat actors in security frameworks, since they don’t routinely fit the same threat-motive or access profiles toward AI systems.