I suspect most security professionals, me included, spend much more time analyzing the technical and mechanical aspects of cyber crime than the social and psychological ones. We dissect attacker’s malware and exploit tools, analyze their code and exploit techniques, but don’t always study who they are and why they do what they do. According to General Tzu, this is a good way to lose many battles.
In order to better understand the nature of the cyber threat, security professionals need to act more like criminal investigators, and consider means, motive, and opportunity. We’ve got the means down (tools and techniques), but some of us may need to work a bit on motive. One of the ways to do that is to understand the different hacker profiles.
Over the last few years, the general hacker profiles and motives have changed quite a bit. We no longer live in a world of fame seeking hackers, script kiddies, and cyber criminals—there are some new kids on the block. It’s important for you to understand these motive and profile changes, since they dictate what different types of hackers are ultimately after, whom they target, and how they tend to do business. Knowing these things can be the key to helping your understand which of your resources and assets need the most protection, and how you might protect them.
With that in mind, I’d like to share some quick highlights about the three main type of attackers I think plague us today:
1. The Hacktivist
Simply put, hacktivists are politically motivated cyber attackers. We’re all familiar with traditional activists, including the more extreme ones. Over the past five years, activist have realized the power of the Internet, and have started using cyber attacks to get their political message across. A few examples of hacktivist groups include the infamous Anonymous, and the more recent Syrian Electronic Army. Most hacktivist groups tend to be decentralized and often not extremely organized. For instance, there can be cases where one factor of Anonymous may do things another factor doesn’t even agree with.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.