Their targets vary from small businesses and consumers, whom they attack opportunistically, to large enterprises and industry verticals, who they target with specific goals in mind. In a recent attack on the banking and credit card industry, a very organized group of cyber criminals was able to steal 45 million dollars globally from ATMs, in a highly synchronized fashion. The attack was made possible due to an initial, targeted network breach against a few banks and a payment processor company.
3. Nation states (or state-sponsored attackers)
The newest, and most concerning new threat actors are the state-sponsored cyber attackers. These are government-funded and guided attackers, ordered to launch operations from cyber espionage to intellectual property theft. These attackers have the biggest bankroll, and thus can afford to hire the best talent to create the most advanced, nefarious, and stealthy threats.
Nation state actors first appeared in the public eye during a few key cyber security incidents around 2010, including:
- The Operation Aurora attack, where allegedly Chinese attackers gained access to Google and many other big companies, and supposedly stole intellectual property, as well as sensitive US government surveillance information.
- The Stuxnet incident, where a nation state (likely the US) launched an extremely advanced, sneaky, and targeted piece of malware that not only hid on traditional computers for years, but also infected programmable logic controllers (PLCs) used in centrifuges. The attack was designed to damage Iran’s nuclear enrichment capabilities.
While you’d expect nation state attackers to have very specific targets, such as government entities, critical infrastructure, and Fortune 500 enterprises, they still pose some threat to average organizations as well. For instance, sometimes these military attackers target smaller organizations as a stepping-stone for a bigger attack. Furthermore, now that these advanced attacks and malware samples have started to leak to the public, normal criminal hackers have begun to adopt the advanced techniques, upping the level of traditional malware as well.
Understanding the motives, capabilities, and tools of these three hacker profiles gives you a better idea of what types of targets, resources, and data each one is after. This knowledge should help cater your defenses to the types of attacker you think are most relevant to the business or organization you protect.
Now that you know a little about your enemy, you can focus on getting to know yourself, and match your defenses to your most likely enemy. Once you’ve done that, you will not be imperiled in a hundred cyber battles.