Developing knowledge about our enemy, like their goals, inorder to provide protection for yourself or an organization. In cybersecurity, enemy is called as “threat actor”. A threat actor can be defined as an organization or a person or a group intended to disrupt the security of a network or system. We shall now look at some of the actors and their motives.

Cyber Criminals: They are also known as hackers, use computer systems to gain unauthorized access to the user’s system, steal business secrets and personal information for malicious activities. They are not easy to be identified as they use several techniques such as proxies, IP spoofing to be anonymous. There are several classifications in the hackers.

• Black hat hackers: These are actually the bad ones. They use their knowledge to make money from unethical means. They do not follow any rules of law and take advantage of any single vulnerability available to exploit. They sometimes use malware, viruses, etc. to attack their target and demand for their requirement.
• White hat hackers: Unlike black hats, these are the good ones. These are hired by the companies and governments to detect vulnerabilities in their system and help them to patch. They do not disclose any information about the company, or the payment, or the vulnerabilities in the system they have performed attack. They perform attack in the same way the black hats do but by taking the permissions from the respective. These are also known as Penetration Testers and need not be cyber criminals.
• Grey hat hackers: These are the intermediate ones. They sometime act as white hats by assisting them in patching their security issues and sometimes attack to steal information or wealth. These type perform for their fun or satisfaction.

A case can be filed against any of these hackers. Black and Grey hats for their illegal actions and white hats for crossing any of the agreements signed.

Cyberterrorism: As the name suggests it is the amalgamation of cyber space and terrorism. It is referred to as the unlawful attack on a service or an organization to achieve political gains by threatening or by intimidating. They generally cause massive damages to government systems, hospitals, etc. and that might leave a fear of future attacks.

Government or State- sponsored actors: They have particular objectives aligned with commercial, political or military interests of their nation. They are known for stealing information and funds to further their nation’s spying causes. These are funded organizations by government or by the private for their own cause.

Insiders: When the workers of an organization go rogue, that can cause a severe damage to the organization they are working in. They are often difficult to be identified as they may have valid credentials. Most of the breaches caused from a company are due to unintentional errors caused by a worker. They often violate security policies, try to bypass securities, mail the details of the company to a third party, etc.

Hacktivists: These are technically skilled activists. Their motive can be of a protest, revenge or a desire to embarrass an organization. Hacktivists promote a political agenda or a social change. They cannot be termed purely as evil. They take from who have and give it to who doesn’t.

Script Kiddies: To be spoken in gaming language, these are noobs in hacking! They use the tools that are created by professionals to hack to others computer just for fun. Their intention is not accurate. They are more like a child who got his first computer, enthusiastic to explore.

Prevention or Response Plan:

• Secure all the sensitive files.
• Investigate and perform digital forensics on the incident.
• Back up of data in case of removal of files.
• Training staff on data security.
• Check for security vulnerabilities and try to patch them.
• Strong encryption to the data transmitted.

Here are some references for further reading:

• Actors and their motives.
• Threat actor basics.

No matter how safe we are, there will always be a way to get harmed. Being armed and ready for a war would be better strategy in security. Have a happy and safe learning!

Stay Home Stay Safe!