Cyber Criminals (Organized Cybercriminals)
Cybercriminals are individuals or groups of people who use technology to commit cybercrime to steal sensitive company information or personal data and generate profits.
Hacktivists
Hacktivists are individuals or groups of hackers who carry out malicious activity to promote a political agenda, religious belief, or social ideology. Hacktivists are not like cybercriminals who hack computer networks to steal data for cash. They are individuals or groups of hackers who work together and see themselves as fighting injustice.
State-sponsored Attacker (APT Groups)
State-sponsored attackers have particular objectives aligned with either the political, commercial, or military interests of their country of origin. These types of attackers are not in a hurry. The government organizations have highly skilled hackers and specialize in detecting vulnerabilities and exploiting these before the holes are patched. It is very challenging to defeat these attackers due to the vast resources at their disposal.
Insider Threats
The insider threat is a threat to an organization's security or data that comes from within. These types of threats are usually occurred from employees or former employees, but may also arise from third parties, including contractors, temporary workers, employees, or customers.
Malicious Insider Threats
Malicious threats are attempts by an insider to access and potentially harm an organization's data, systems, or IT infrastructure. These insider threats are often attributed to dissatisfied employees or ex-employees who believe that the organization was doing something wrong with them in some way, and they feel justified in seeking revenge.
Cyber Terrorists
Terrorism, by its very nature, seeks out whatever means possible to proliferate fear, unrest, and discord across the globe. Cyber terrorists utilize an array of cyber weapons to disrupt critical services and commit harmful acts to further their cause. Generally speaking (though far from exclusively), they target the state operations, businesses, and critical services that will cause the most dramatic effect.
Individual users: This category focuses on individuals as victims. The threat actors steal and use stolen data, credit card numbers, online financial account information, or ss numbers.
Enterprises: This category of financial cybercrime focuses on enterprises and business org. Threat actors will attempt to steal research on a new product to sell it to another supplier which deprives the legitimate business of profits.
Governments: Governments are also the targets of threat actors. If military information can be stolen, it can be sold. Government information can also be stolen and published in front of its citizens to embarrass the government.
Hacktivists generally believe they’re acting altruistically for the public good. Similar to activism in our physical world, online activists seek to bring public attention to a cause that’s important to them in hopes they’ll invoke change. This often means exposing and correcting perceived injustices.
The nature of the perceived injustices might be political, social, or religious:
- Politically motivated hacktivism seeks to promote or upheave a political agenda, sometimes to the extent of anarchy.
- Socially motivated hacktivism sets out to expose social injustices, ranging from government censorship to human rights.
- Religiously motivated hacktivism acts in the name of a religious ideology and may seek to discredit or encourage the belief.
Despite any altruistic intentions, hacktivism attacks are hacking attacks, which means they’re illegal. But they’re also difficult to prosecute because they’re mostly conducted anonymously.
Unlike traditional hacking attacks, though, hacktivism attacks rarely have true malicious intent. In some cases, you might think of them as a form of antagonism, such as the way we might see graffiti on billboards.
Still, just as this is vandalism in real life, website defacing is considered cyber vandalism. This is just one example of the types of hacktivism that exist today.
- Anonymous blogging
- RECAP
- Website defacement
- Website redirects
- Website mirroring
- Denial of Service (DoS) or Distributed Denial of Service attacks (DDoS)
- Virtual sit-ins
- Leaks
- Doxing
- Geo-bombing