"Hacking is an unauthorized intrusion into a computer or a network, and the person who is engaged in hacking activities i.e. who may alter system or security features to accomplish a goal that differs from the original purpose of the system is known as a hacker. And, hacking also refer to non-malicious activities, usually involving unusual or improvised alterations to equipment or processes.
Threat Agent term is used to indicate an individual or group who can manifest a threat and it is fundamental to identify who would want to exploit the assets of a company, and how they might use them against the company. Also, practically anyone and anything i.e. individuals within a threat population under the right circumstances can be a threat agent.
Threat agents can take one or more of the following actions against an asset like
1 Access – simple unauthorized access
2 Misuse – unauthorized use of assets (e.g., identity theft, setting up a porn distribution service on a compromised server, etc.)
3 Disclose – the threat agent illicitly discloses sensitive information
4 Modify – unauthorized changes to an asset
5 Deny access – includes destruction, theft of a non-data asset, etc."