In the two other Spotlight articles, we expose two nation-state hacker groups. However, not all cyberattacks are carried out by nation-states. Who else might these shadowy criminals be who aim at our society daily? 

This report from BAE Systems, an arms, security, and aerospace company, provides a classification of the main hacker types.

  • The mule is a casual criminal used by others to launder money. Mules are often provided with professional manuals on how to launder money. They can work from home, use free WiFi hotspots, and get payments to their bank accounts for their services. Mules are at the highest risk of arrest and prosecution.

  • The professional is a career criminal working from 9-5 at a company that may appear legitimate. But in reality, the company runs phone scams, writes software for other criminals, or may be engaged in other parts of the cybercriminal supply chain. 

  • The nation-state actor works for governments to target governments, individuals, and organizations. Some governments run their own army of offensive cyber attackers; others sponsor independent criminal groups. Nation-state actors may be motivated by nationalism or by money.

  • The activist engages in cybercrime for political, religious or social reasons. Activists often target those organizations whose purpose does not align with their values and beliefs. They are most likely to cause publicized destruction instead of quietly damaging an organization. The most famous cyber activist group is Anonymous.

  • The insider works at a given company and maybe a disgruntled employee, a spy, or a financially motivated adversary. Insider threats are problematic because they have already gained access to an organization, making it a very difficult cyber threat to tackle

  • The getaway is a very young individual who, even if caught, is too young to go to prison. Getaways are often manipulated and used by other criminals as proxies.

 

Why does this matter for businesses?

  • Knowing who might target a business may help strengthen its defences by putting in place measures that make life for certain hacker groups harder.

  • For example, the greatest cybersecurity concern of many companies is insider threat. To minimise the risk measures such as behavioural analytics to identify anomalous behaviour may detect and prevent insider activity.

 

Read the full article