With the rise in cyber crime we need to pay attention to who is behind these attacks, and why. A Risk & Insurance post by Abi Potter Clough (riskandinsurance.com/3-types-of-cyber-threat-actors-and-their-motivations/) cites a report from CyberCube detailing three different types of cyber criminals:
- State-sponsored actors. Since they are backed by and protected by governments, they are well funded and capable of large scale sophisticated attacks. These include advanced persistent threats (APTs). Targets tend tp be large entities including government agencies with valuable data. However, private businesses suffer collateral damage. Motivations are political and economic; countries under sanctions use ransomware attacks as a source of revenue.
- Organized crime. Gangs use ransomware to extort money (by 2031 ransomware is estimated to exceed $265 billion globally, with attacks every two seconds). In addition to ransom payments, gangs double the extortion threat by releasing stolen data, and triple it by demanding secondary ransoms from individual victims. Gangs also sell ransomware-as-a-service enabling small scale criminals to participate.
- Hacktivists. Unlike the first two groups their motives are social and political change. They may claim to be supporting the "good guys", but their actions cause damage to individuals whose data is breached.
By understanding these types of criminals and their motivations we can be better prepared to fight them.