Types of attackers

As the world embraces more digital and hyperconnected components, opportunities and paths become more numerous for attackers to gain access to our most sensitive information. Data breaches have become commonplace, from banking to retail, healthcare to entertainment, and even government. No sector is immune.

The cyber black markets offers the computer-hacker tools and services to carry out cyber crime attacks and sell the stolen data: credit cards, personal data, and intellectual property.

Attackers, or ‘cyber threat actors’, can be grouped by their set of goals, motivation, and capabilities. Based on the motivation, these threat actors can be described as cyber terrorists, hacktivists, state-sponsored actors, and cyber criminals. The table below indicates the motivation of the dynamically changing attack profiles:

Changing attacker profiles: scale from recreational, criminal, hacktivist, organised crime to state sponsored Click image to enlarge

The videos below demonstrate two different types of attackers: firstly Charlton Floate could be identified as a ‘recreational’ hacker, gaining unlawful entry to an organisation or government system ‘for fun’. The second example, the attack on the UK National Health Service (NHS) in 2017, was rumoured to be the work of a state-sponsored attack.

This is an additional video, hosted on YouTube.

This is an additional video, hosted on YouTube.

The key principle with digital security is understanding what information you are holding, how you use the digital infrastructure to work with this information and therefore what types of attacks are most likely to be a concern.

For example, a competitor may wish to hack your systems to see what new products you are developing. This aligns with hacking government departments in terms of one country trying to find out what another country is doing. Or there is the opportunist trying to make some money by exploiting a weakness – theft of information to sell or ransom. There are many other reasons, but you need to consider not only the information you hold and who would be interested in it but also what happens if an internal person (eg member of staff) decides to leak information or ransom it?

The disgruntled employee can be a real threat as they already have system access.

Share this article:

This article is from the free online course:

The Cyber Security Landscape

Coventry University