We all know that the cyber threat to our businesses is real but do we know the types of people behind the crimes, those behind the masks albeit virtual. We know the stereotypes of car thieves and bank robbers but what about hackers – is there an archetype, a persona we should be aware of? Of course, anyone anywhere could be a cybercriminal but let’s identify some basic categories of adversaries that are likely posing a threat to your data, infrastructure, finances and business.
Activists with some brute force hacking skill. These people are obsessed with their view point be it political, religious or other and they are willing to bypass the law to get their opinion out there. Hacktivists aim to pressure companies and governments to change their practices, often by holding them to ransom. They disrupt work life to ensure they have the maximum attention before making their agenda known. The data they steal can be used to hold businesses to ransom but aside from the initial loss of data, finance and whatever else there is often a long term damaging effect caused by these criminals to a company’s reputation and integrity.
Insiders are those within the business who purposefully or otherwise harm the companies cyber infrastructure. Often Insiders are just poorly trained; they take data home on USBs and lose it, they use weak passwords and share them, they download malicious software accidentally etc. Sometimes Insiders are malicious intently. They are in the best position to do real damage because they already have a large amount of security clearance and access. Malicious Insiders usually have personal financial motives and they look to monetise data they can freely access whilst at work. Some Insiders are collaborating with outside cybercriminals.
This type of criminal is often just testing the limits and pushing boundaries. They are too young to be prosecuted seriously and mainly want to show off to their friends and other more senior hackers with their abilities. Many Getaways are curious and over confident with it; they are easier to catch but are often unaware of the illegalities and consequences of their actions.
The Mule is the most likely to be caught as they act in the real world, turning the cybercrime of the hackers into real cash. This could involve making purchases with stolen card details or wiring funds illegally acquired into criminal’s accounts. The mule is often an opportunist looking to come by some easy money, a casual criminal who does jobs here and there for the pay. They often won’t understand the cybercrime that has taken place before their role comes into play, they carry out the final link in the chain that makes the online crime a financial success.
The professional cyber criminals are those relying on their crime to make a living, they commit crime for a day job and seek regular pay outs from it. These cyber criminals often work in organised groups and target financial details and data. An attack by professionals will seriously damage businesses’ reputation with customers and can result in large financial losses and costly legal suits. Professionals work in networks with consultants and specialists and some even have organised call centres to take people through bitcoin payment and data recovery in ransomware attacks.