“Know thine enemy” is more than just a pithy quote from antiquity; it’s a clarion call for the modern age of cybersecurity concerns, which grow ever more drastic, ever more meticulous, and ever more focused with each passing year.
In a world in which all manner of personal and business affairs are conducted online, and in which the realm of big data, AI, and interconnectivity grows increasingly complex and advanced, we have a responsibility to learn from the cyberattacks of the past and present, and to endeavor to stay one step ahead of cybercriminals seeking to do us harm.
The Key Categories of Threat Actors
Creating robust and reliable defense depends upon profoundly understanding not only the motivations of cybercriminals, but also their aims and the methods they are innovating day by day. In cybersecurity terms, the “enemy” we must gain knowledge of is known as the “threat actor” - a term which might refer to lone agents, organized criminal groups, or entire entities seeking to impact the security of an individual or organization.
Make no mistake: cybercrime is on a seemingly unstoppable rise. Massive data breaches are becoming more and more commonplace, and everyone from independent businesses to government agencies are being increasingly targeted. With over $6 trillion in damages committed by cybercriminals thus far, it has never been more important to glean insight into the types of threat actors out there, and those who will pose a threat in the coming year says Cybersecurity Ventures.
In the U.S. alone, over 3,138,420 GB of internet traffic is generated every minute, and as that reliance grows, we must think more cautiously about our online security. We live in an age wherein internet use has become an essential aspect of both work and play for individuals and businesses alike. Risk accompanies everything from a simple shopping session to sitting down to work first thing in the morning. Let’s take a look at exactly who out there is trying to perpetrate malfeasance against your time spent online and what we should all be more vigilant towards.
1). Organized Cybercriminals
Crime is a fact of life,and organized criminal gangs have long since turned to cybercrime as a means to line their pockets and gain control over businesses and agencies of all types and backgrounds. The rise of cryptocurrencies has gone some way towards both encouraging cybercrime and tackling it, yet cybercriminals have proven adept at staying one step ahead of security innovations and protocols.
These types of people are after straight up financial gain. The data they steal will show up on the black market, ready to be sold on to the highest bidder. Their primary weapon of choice is ransomware, which has seen a dramatic increase in 2020, and which is used for old-fashioned extortion in a contemporary setting. Cybercriminals and gangs generally aim their attention at cash-rich or data-rich businesses, although individuals and home networks have been known to come under fire as well.
2). Cyber Terrorists
Terrorism, by its very nature, seeks out whatever means possible to proliferate fear, unrest, and discord across the globe. Cyber terrorists utilize an array of cyber weapons to disrupt critical services and commit harmful acts in order to further their cause. Generally speaking (though far from exclusively), they target the state operations, businesses, and critical services that will cause the most dramatic effect.
3). Inside Agents and Bad Actors
Infiltrators and cybercriminals are often closer to home that we think. Certain threat actors will infiltrate a workforce, or express grievances via criminal activity, or turn insiders towards their cause with the promise of financial reward. This is an especially malevolent threat, due to the fact that insiders have privileged access. As this method’s popularity has grown, organizations are learning that they must be on guard against the risk that their own employees might turn against them. Disgruntled former employees are especially targeted by bad guys.
4). State-Sponsored Threat Agents
Cybercriminals who fall into this category are either directed or funded or both by nations and national governments. They’ve been known to exfiltrate data, steal sensitive information, and redirect funds as part of national espionage programs. Their goal is to spy on or steal from businesses or governmental bodies in order to further the interests of an enemy nation.
5). Script Kiddies
Don’t let the cute name fool you. Script kiddies are threat actors without the skill or knowledge required to design bespoke penetration tools, and yet will happily purchase or borrow the tools of other attackers in order to infiltrate systems. They’ll generally seek out system weaknesses and take advantage of vulnerabilities in order to vandalize computer systems, wreaking indiscriminate damage.
6). Hacktivists
Ideologies are powerful, and in an era of increased awareness-raising, there has been an unprecedented rise in hacktivism or hacking with the goal of raising awareness about particular topics, whistle-blowing, or exposing secrets. WikiLeaks is probably the most well-known example of hacktivism, which was founded with the expressed intention of exposing secrets and altering perceptions of government activities.
7). Human Error
To err is human, and the simple truth is that not all threat actors are either malicious or intentional. Despite this, mistakes - even seemingly benign ones - have the potential to cause massive damage to business networks. Internal user errors also result in system vulnerabilities which can then be taken advantage of by other threat actors. As with all criminals, many cybercriminals are opportunists who rely on errors, mistakes, or laziness when it comes to security protocols and love a badly managed network.
Threat Actors Are Here to Stay
Crime of this ilk will never be eradicated. Some might argue that threat actors and cybercriminals perform an essential service for the furthering of security systems and online safety protocols - in essence, we learn from our mistakes, and can rectify them in order to ensure we stay secure.
Understanding both the types of threat actors out there and their motivations forms an essential step for any individual or business’ cybersecurity processes. Pre-empting their moves, identifying your system vulnerabilities, and anticipating where attacks might come from allows us to map our defenses and protect ourselves for the future.
About the Author:
Bernard Brode is a product researcher at Microscopic Machines and remains eternally curious about where the intersection of AI, cybersecurity, and nanotechnology will eventually take us.