Thanks to my colleague Shelly Mills for writing this post on the people behind cybercrime.
Have you ever wondered who is responsible for data breaches, viruses, phishing scams, and so on?
The people who are responsible for cyber security incidents are called Cyber Threat Actors. And the way in which they get to you is called an Attack Vector (examples of attack vectors include malware, social engineering, vulnerabilities in software – basically, any method Cyber Actors use to access data).
So, who are the people carrying out cyber crimes?
A few common cyber threat actors are detailed below.
Hacktivists
Who are they? Political activists that capatilise on the capabilities of the internet, and use technology to promote their agenda. Prominent examples are WikiLeaks and Anonymous.
Motivation: political.
Aim: Their aim is usually disruption, broadcasting information, and gaining attention for their cause.
Common attack vectors: Distributed Denial of Service (DDoS), website defacement.
Motivation: political.
Aim: Their aim is usually disruption, broadcasting information, and gaining attention for their cause.
Common attack vectors: Distributed Denial of Service (DDoS), website defacement.
Nation-State Cyber Actors
Who are they? Nation-State actors work for governments or receive direction/funding/assistance from nation-states.
Motivation: political, espionage, economic, military.
Aim: steal industry information or research, gain information on another government/policy plans, disrupt critical infrastructure
Common attack vectors: Spear-phishing, social engineering, targeted malware
Motivation: political, espionage, economic, military.
Aim: steal industry information or research, gain information on another government/policy plans, disrupt critical infrastructure
Common attack vectors: Spear-phishing, social engineering, targeted malware
Criminal Cyber Actors
Who are they? Criminal cyber actors are, simply, criminals. They use the cybers to enable them to commit crime more efficiently and effectively. They may be lone wolves or work in groups, such as organised crime syndicates.
Motivation: financial gain.
Aim: use the internet to assist in committing their crime.
Common attack vectors: Social engineering, phishing, Business Email Compromise (BEC), password attacks, malware, ransomware, botnets.
Motivation: financial gain.
Aim: use the internet to assist in committing their crime.
Common attack vectors: Social engineering, phishing, Business Email Compromise (BEC), password attacks, malware, ransomware, botnets.
....................................................................................................................................
