Each type of attacker has different motivations, techniques, and targets; thus, understanding these will enable organizations to effectively implement their strategies in security. This section discusses the different categories of attackers, with real-life examples in order to show methods and impacts.
1. Hackers
Definition and Motivation: Hackers are the ones who find the vulnerabilities in systems and networks of computers. They can be segmented further into different groups based on their intentions: ethical hackers (white hats), malicious hackers (black hats), and gray hats who fall somewhere in between.
Example: A company might hire an ethical hacker to do some penetration testing, to locate weaknesses in a system before a malicious hacker discovers and exploits them. Conversely, a black hat hacker may gain unauthorized access to a financial institution with the objective of stealing customer’s sensitive information for personal benefit.
2. Script Kiddies
Understanding Script Kiddies: These are unseasoned hackers who use either pre-developed scripts or tools created by others to conduct their attacks; they are usually with minimal capability of developing their own hacking tools. Normally, they just look for low-hanging fruits.
Example: A script kiddie might use an openly available DDoS tool to flood a website with traffic until it crashes. While their attacks might not be sophisticated, they can be caused on a pretty large scale. 3. Outsiders
3. Outsiders
Outsiders are individuals or groups who should not have access to organizational systems. They may also include cybercriminals, hacktivists, and state-sponsored attackers who attempt to exploit vulnerabilities for their own gain.
Example: A cybercriminal may only hack into the credit card database of a retail company, but a state-sponsored attack may target a government agency for intelligence.
4. Insiders
Insider threats can be defined as those threats initiated by individuals from within the organization, including employees, contractors, and business partners. These might be malicious, accidental, or due to negligence.
- Malicious Insiders: Those employees who intentionally cause harm because they have some grievance against the organization.
- Accidental Insiders: Employees who, by mistake, cause a security breach and may even disclose sensitive information to unauthorized people.
- Negligent Insiders: Employees who know a security policy and simply choose to disregard it, thus opening up vulnerabilities to the organization.
For example, an angry employee might disclose sensitive company information to a competitor company, while an unintentional internal threat could send an email with critical data attached to a wrong email address by mistake.
5. Hacktivists
Motivation and Goals: A hacktivist is an individual or group who hacks due to political motives, social movement, and ideological beliefs. Most of the time, these hackers want to increase awareness or protest against something they perceive as an injustice.
Example: An environmental activist organization may conduct a cyberattack on an organization that they feel is an environmental criminal by defacing the website of the company or releasing sensitive information to the public.
6. Bots and Botnets
How Bots and Botnets Work: Bots are programs that have become automated in performing tasks. A botnet is a large number of devices infected with malware to which an attacker can control. A botnet can be used in a large-scale attack such as a DDoS.
Example: A hacker might instruct thousands of infected devices in a botnet to overwhelm a website with traffic with the objective of knocking that website offline.
7. Phishers and Spear Phishers
Defining Phishing Attacks: One approach attackers use is called phishing, where an attack pretends to be a trusted entity in hopes of fooling people into supplying sensitive information about themselves such as a login ID and password, or financial information.
- Phishing: It is a more generalized attack aimed at the en-masse audience via emails, for example.
- Spear Phishing: These are focused attacks against particular persons or organizations, using previous personal information to make it seem more credible.
Example: An e-mail phishing would appear to come from a bank requesting verification of the account holder’s information. On the contrary, a spear phishing attack would involve an email apparently from a trusted colleague to the chief financial officer of a company requesting sensitive financial information.
Conclusion
It is very much important to identify the different types of attackers and their motives to devise effective cybersecurity strategies. Understanding the tactics hackers use could help an organization prepare in case there is an imminent threat.