A network of compromised devices used to perform coordinated attacks

Confidentiality, Integrity, Availability

Criminals can use it for identity theft, fraud, or extortion

Job functions or roles in the organization