Illusive Blog December 21, 2015

The 4 types of cyber attackers & their complete profiles.

By The Illusive Networks team

cyber_attackersCyber security was pretty simple back in the 1990s. Anti-virus software and firewalls offered plenty of firepower to combat attacks that were more annoying than dangerous.

But that world is gone.

Cyber Attackers exist on a spectrum now and they have ever since the Love Bug virus hit the scene in 2000, stealing some $10 billion from 20 different countries.

The term hacking just won’t cut it when discussing the spectrum of attacks. If you think it will, Tony Stark has a few words for you. In the latest Iron Man movie, he tells Colonel Rhodes, “it’s not the 80s, nobody says ‘hack’ anymore.” So true, Tony.

But if they aren’t hacks, what are they? Let’s profile the 4 key categories of cyber crime so Tony Stark doesn’t have to ridicule simplistic “hacking.”  

1. Pranksters

Early days of cyber attacks were spent by college pranksters looking at computer science as a means of entertainment. Take the infamous cyber group LulzSec, for example. Their name derives from the group motto, which essentially said that they laugh in the face of victims’ security measures. One of their most famous “attacks” wasn’t even a harmful virus or new piece of malware; it was a prank call:


In this video, you’ll hear members of LulzSec prank call the FBI, emulating President Obama, about the Flame Botnet malware. While this attack was strictly for the “lulz,” pranksters can cause harm.

Back in 2011, LulzSec took part in an Internet-wide attack on Sony, carrying out costly DDoS attacks and allegedly stealing source codes from their Developer Network.

2. Hacktivists—Attackers with a Cause

Hacktivism is cyber crime with a political or social cause and is generally carried out by a small or loosely connected group of criminals—hacktivists. Right now, the new US television show Mr. Robot is racking up massive ratings as it portrays hacktivism at work – and gets the technology right in the process. In the show, the hacktivist group “fsociety” delivers a haunting message to a corporate juggernaut:

Don’t get caught up in the fact that this is a television show. Hacktivism blew up in 2011, which Verizon labeled the “year of the hacktivist,” and groups such the 414s and Anonymous continue to cause issues today.


3. Super-Criminals

Cyber attacks are growing more sophisticated every day and cyber attackers are launching bigger and more dangerous vectors. These super-criminals don’t seem to have a social or political agenda. Instead, they learn from advanced nation-state cyber attackers and apply the latest techniques for personal financial gain.

They work slowly but methodically, mimicking existing IT processes to ensure they aren’t detected until it is too late.

One of the most infamous examples of super-criminal attacks came in 2013 when Target fell victim to a massive data breach. 40 million stolen credit/debit cards, 70 million breached records with personal customer information, $200 million spent to replace compromised cards and $53.7 million generated for the criminals.

Target is one of the world’s 100 most valuable brands and serves as proof that any company can be compromised. Big businesses like Home Depot, Sony Pictures and JP Morgan Chase were later breached in 2015 through super-criminal attacks.

4. Nation-State Cyber Attackers: Global Cyber Espionage 

Nation-state attacks are similar to hacktivism in that they have a political cause. It is fairly common for countries to have cyber armies or units dedicated to cyber espionage. With the support of a nation at their backs, these cyber attackers are often the most technologically advanced, developing new and destructive techniques to cripple enemies remotely and stealthily.

One recent example of nation-state attacks happened right under the nose of a major cyber security firm, Kaspersky Labs. Kaspersky reports that Stuxnet and Duqu malware entrenched themselves in an effort to leech information about nation-state attacks that were under investigation as well as data regarding the detection software that can mitigate attacks.

Nation-state attacks go beyond embarrassing a company, revealing the illicit secrets of an organization or compromising data for personal gain. These attacks can be devastating to an entire country, showing that cyber attacks have come a long way from their prankster beginnings.

Why Hacking Belongs to the Past

Tony Stark seems to have been right. The term hacking isn’t nearly strong enough to cover the vast spectrum of potential cyber attacks. Regardless of which type of attacker has targeted your company, it’s time for organizations to be more proactive about identifying the humans behind the crime.

Characterizing and tracking their activity is vital to understanding what they are after and how they plan on getting it. More importantly, it will give you the edge you need to counteract their methods.