Do you know who would most likely hack your information system? You may have never even thought of it.
Probably, your idea of what a hacker looks like, what they want and who they are has been heavily influenced by Hollywood renditions. Teenage boys in hoodies watching a green code. Antisocial computer whizzes. People in eerie white masks
Determined attackers constantly find new methods to outwit traditional security systems, using an arsenal of techniques to attack from every angle.
There are many different types of attackers, each with their reasons for doing what they do. Knowing who is behind your threats and their motivations can help you implement security measures to put them on the defensive.
This cyber criminal has a big budget and mad skills. As a state-sponsored actor, they are likely to target government, energy, defence and utilities targets – but they might not stop there. The 2014 Sony hack was attributed to state-sponsored hackers from North Korea.
It ended up costing Sony more than US $15 million
Their motivations are twofold: to disrupt and destabilize economic gain, including through IP theft. Attacks can, therefore, take several different forms, including malware, trojans and SQL injections, to steal, leak or alter data, prevent access to or damage information systems.
Two key things to remember about this type of attacker:
In short, a frightening foe to have.
This cybercriminal is purely in the game for the financial reward. Likely targets, therefore, include financial organisations and organisations, and with the rising use of ransomware, these are just the beginning. Healthcare providers have also found themselves at the mercy of these hacker types, with statistics suggesting 45% of all ransomware attacks in 2017 targeted the healthcare sector.
Money. Plain and simple. And they are well set up to get it.
Professional cyber mercenaries tend to be part of structured organisations.
"Syndicates are set up according to the division of labour principle adopted by many large companies. There are marketing, finance and IT departments, each of which contributes to the performance and overall success of the organisation.", writes Alex Rolfe for Payments Cards and Mobile.
These cyber criminals are well-resourced with organisations of the rest of the syndicate. For example, look no further than the case of Zain Qaiser, who earned almost a million pounds as part of a syndicate specialising in racks.
Hackers with inside knowledge can be particularly dangerous. Typically, an individual with insider knowledge works from the inside, and since they have an intimate understanding of your systems and processes, they can easily circumvent existing security protocols.
Hactivists are agenda-driven, whether political, religious or idealist. They will most likely want to disrupt, damage or destroy operations, not for any commercial gain but because they believe they are fighting injustice. The skill level of this type of attacker varies widely.
Often, they work in a group, as in the anonymous hacking of the official website of the state of Michigan to draw attention to the Flint water crisis.
Finally, there are those hackers who don’t have an agenda as such, but may stumble into doing real damage. They are both professional and hobby hackers. The latter, sometimes referred to as ‘Script Kiddies’, this type of attacker typically has a low skill level and will copy and paste available code to perform attacks, rather than knowing thow o create that code themselves. Although not as big a concern as the other personas mentioned here, the Opportunist types can still be dangerous.
You will sometimes see hackers being referred to by their hat colour. From our perspective, these personas don’t give you enough insight into the hacker’s motivation, but they are still worth knowing about:
Technology is advancing at unbelievable rates, and not always in a good direction. Cyber attacks are considered one of humanity's greatest threats, so it’s worth gathering as much information as possible about potential attackers.
Building hacker profiles helps us identify likely targets, their skills, and the defences we need to protect ourselves. The greater the accuracy and completeness of the persona, the better our chance of stopping them.