Know Your Enemy: A Field Guide to Today's Threats


Unfortunately, that’s only incentive for this brand of hacker to get very, very good at getting access to the most lucrative kinds of personal data, profiting from that information, and moving on. Few things breed technical proficiency like pure profit motive, and these hackers are often part of highly organized, well-financed syndicates.

Cyber Warrior:

The network can serve as a battlefield, and these are the foot soldiers for state actors around the world. And if you thought the organizations backing the financially motivated hackers above were well-financed, they don’t come close to the sort of governmental backing you receive when you’re working in defense of your national interests... or your perceived interests, anyway. Trobough notes that the Cyber Warrior has a primary goal of misinformation and cyber warfare and a secondary goal of theft of proprietary intellectual property. While the thieves above generally target financial institutions and retail, Cyber Warriors go after the defense, government, utilities, and technology sectors.

It’s worth noting that Trobough also splits out another category for low-level, non-state actors who work on behalf of the state with many of the same goals as the Cyber Warrior. While the angle of attack and level of sophistication are different between the two categories, the goals are largely the same. In addition, there are plenty of developing nations whose state-run cyber divisions are probably no better financed or organized than some non-state actors around the globe, so we’ll call it a distinction without a difference.

Principled Idealist:

These are your so-called “hacktivists.” They’re agenda-driven and generally anti-corporate or anti-government. They’re hard to pin down, because they operate in a decentralized, splinter-cell fashion and have widely varied skill levels. Trobough notes that they are generally looking to upset the status quo by disrupting operations, though I would argue that stealing secrets and exposing them is also a big part of the mission for some of the better-known organizations (like Anonymous and WikiLeaks).

Targets generally include the government, defense, and technology sectors, but they may also include specific targets where these bad actors simply feel compelled to lash out. Financial institutions, credit bureaus, and maybe even the local fast-food chain that neglected to ask if they wanted "fries with that?" are all potential marks.

Malicious Insider:

Finally, there are the cyber threats coming from inside organizations, generally driven by ideology, a quest for personal gain, or that perennial motivator: good, old-fashioned revenge. Employees and ex-employees who have access to passwords, trade secrets, and other inside information can do a world of damage when properly motivated.

In fact, insiders can do a boatload of harm to an organization even when they aren’t seeking to do so deliberately. I had a hard time finding precise estimates of the amount of monetary damage done every year by the actions of well-intentioned employees making mistakes or taking shortcuts, but anecdotal evidence from years of speaking with people throughout the communications industry would suggest that accidental harm is a major issue worth addressing right alongside intentional harm. Something as simple as leaving the default administrative passwords on network access points leaves the door wide open for bad actors to exploit. Without inside mistakes or oversights, networks are a heck of a lot harder to exploit than they would be otherwise, and you never can tell when a trusted employee might become an acquisitive or disgruntled one. It’s best to be prepared. The good news is that a well-designed security plan can help to cut down on both.

Developing a comprehensive security plan

I wager that most of you reading this article are principally concerned with the financially motivated hackers. If that’s the case, I would argue that the goal is not to design a network that is impervious to all outside threats. I mean, that could be the ideal, but there will always be a way in for a properly financed and motivated hacker. Instead, the goal is to create a system of defenses that makes the trouble involved with cracking the network outweigh the potential gain.

