Usually in movies they are portrayed as a maniacal recluse. Sitting in front of multiple computer screens, with AC/DC blasting and crumpled cups of coffee and Red Bull scattered all over the desk and the floor. Or as a “V for Vendetta”, Guy Fawkes-styled freedom fighters with a score to settle. Cyber Criminals, Hackers, Data Thieves are the designations we have given them. And they come in all shapes, sizes and forms, from all walks of life, male/female, rich and poor.
Their motivation is as varied as their backgrounds. Some choose to become hackers because they seek revenge on someone who betrayed them. This category includes employees of businesses; citizens angry against the government; lovers who feel they have been wronged. Other cyber criminals are looking for monetary gain, often holding data “hostage”. Businesses need to pay a “ransom’ to receive a “key” to be able to unlock and access their data.
Since the inception of mainframes and shared/networked/internet conductivity, the profile of a hacker and the motives by which they infiltrate systems has evolved. The high school kid sitting in his room attempting to launch a nuclear missile or steal cash from Fort Knox has evolved into a whole new “faceless” genre of criminal. Most people involved in computer crimes are nameless and faceless to the organizations they attack, with the obvious exception of insiders such as employees and business rivals. But what do we know about the current state of hacker? How do we profile them?
Most Cyber Professionals break down the majority of hacker into three categories. The Hack-Tivist, The Cyber-Criminal and State Sponsored.
*The Hack-Tivist – often has an ax to grind, great passion and political leanings. The internet is the soapbox that they use to spread their discontent; their manifesto, their beliefs. Often they believe that an injustice has been done or a community “rights” compromised and they wish to alert citizens of this news. Famous Hack-Tivists include Julian Assange, the founder of Wiki-Leaks and Edward Snowden known for his NSA global surveillance disclosures.
*Cyber-Criminals – This group is responsible for stealing billions of dollars from businesses and individuals. Their motivation is greed. They buy and sell financial information, personal data and copywrited/patented/intellectual property from business, large and small. They consist of individuals and large networks of cyber crime organizations. They are also based all around the globe. This group has had the largest growth opportunity in the last five years. Business that have been targeted include: Target, the U.S. Government, Primera Blue Cross, Anthem Heath Insurance, Sony Pictures, Ashley Madison, Staples, Home Depot, Linked-In, JP Morgan Chase. The most recent statistic I have read is that almost 90% of businesses have experienced a data breach in the last five years.
*Government Sponsored Nation States – this is a Spy vs Spy group that is funded and supported by governments with the specific intention of espionage and data gathering. This group generally targets other governments, infrastructure and big business, specifically in the financial sector. They also create viruses, malware and other nasty’s to target specific entities and cause disruptions and chaos.
Understanding the motivations and reasons that hackers “hack” will help businesses, governments and individuals develop cyber plans to protect themselves. (It is also not a bad idea, to discuss Cyber Insurance Options with your local Insurance Agent). In a world where your information is targeted, is is your best laid plan for security.
Profiling Modern Hackers: Hacktivists, Criminals, and Cyber Spies. Oh My!
MAY 30, 2013 BY COREY NACHREINER