As our lives progressively move ‘online’, cyber attacks are an ever present threat to everyone using the internet. Sometimes it can feel that the computers are attacking us, or that the internet itself has turned bad. But let’s not forget, behind every dodgy scam email, every link that contains malware and every ransomware note is a person. (Some of the illustrated profiles depict creatures, this is purely for comedic value. Believe me, they are always people.)
Although, the overwhelming motive behind most cyber attacks is to illegally make money, other motives include surveillance, misinformation and espionage, theft of intellectual property and confidential information, and pranks and activism.
In this article for the last week of #CyberSecurityAwarenessMonth, we ask WHO exactly are the attackers?
Nation state attackers are typically hackers who work for Governments to commit cyber attacks against other countries. Nation state actors often seek to attack the national infrastructure, military and businesses and can infiltrate supply chains, influence public opinion, and threaten national security. Threats range from espionage, theft of intellectual property, disinformation campaigns, and cyber attacks against corporations to steal and extort money.
Example: In 2020, a major cyber attack gained access to over 200 organisations around the world including NATO, the UK Government, Microsoft, the European Parliament and multiple parts of the United States government. The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the US. The UK’s GCHQ said there was compelling evidence pointing to Russia.
Cyber criminals can work as individuals or in gangs, they make money by committing crimes online. Any unskilled person who fancies their hand at some DIY cybercrime can access some low level but surprisingly effective hacking tools on the internet. At the other end of the scale, highly organised criminal gangs prey on vulnerable individuals, charities, hospitals and international corporations to extort millions in carefully targeted cyber attacks as well as indiscriminate scams. Cyber criminals break the law (computer misuse act 1990) to gain unauthorised access to data which they steal to commit fraud (Fraud act 2006), or use malware to encrypt and hold to ransom, or sell on to other criminals. Today, cyber crime is earning more money for organised crime groups than any other business. For this reason, they invest in top talent and technology for the job. As well as stealing data and cash, cyber criminals also cause disruption and chaos, ruin reputations and take organisations out of business.
Example: In June 2021, two schools in the south of England were forced to temporarily close after a ransomware attack. On-premises servers were targeted, encrypting student and staff emergency contact details, medical records, timetables and registers and a wealth of vital school resources were stolen that included student data, teaching materials, policies and school trip information. The criminals behind the attack hoped to receive a ransom payment to unlock the school’s encrypted data.
Hacktivists are motivated by strong beliefs in a cause, this could be a political view, cultural or religious beliefs, national pride or terrorist ideology. A hacktivist wants to take visible action to share their message, often with negative consequences for the organisation being targeted and other businesses effected by the collateral damage. Examples of hacktivism includes hacking an organisation’s website and posting messages or changing information. Bringing down websites and services with a Distributed Denial of Service attack is another common action.
Example: “Anonymous” is a de-centralised hacktivist movement motivated by political reasons and formed in 2003. Targets of Anonymous hacktivism have allegedly included government agencies of the US, Israel, Tunisia, and Uganda amongst others. Other suspected examples of their targets are corporations such as PayPal, MasterCard, Visa and Sony.
A hacker is someone who uses their programming and networking skills to create and modify computer software and hardware to bypass cyber security defenses.
Some hackers may just be curious youngsters, having fun and trying to gain kudos amongst peers by breaking through different security systems. This might start off as modding computer games (usually not illegal), accessing the school network to download games to play at school ( illegal without permission) or using “stressers” to knock competitors off an online game (always illegal). Some may not even realise that what they have started doing is illegal. Community police teams are keen to reach young hackers and divert them away from criminal activities towards legitimate uses off their skills. People with these hacking skills can find highly paid employment as ethical hackers to work legally with organisations to find their security weaknesses (with their permission) and to help them fix it.
Criminal hackers, on the other hand, gain unauthorized access into a computer system or network with malicious intent. They may use computers to attack systems to install dangerous malware, steal or destroy data, or disrupt an organization’s services.
Example: In February 2000, 15-year-old Michael Calce, also known as “Mafiaboy,” discovered how to take over networks of university computers. He used their combined resources to disrupt the number-one search engine at the time, Yahoo. Within one week, he’d also brought down Dell, eBay, CNN and Amazon using a distributed-denial-of-service (DDoS) attack that overwhelmed corporate servers and caused their websites to crash. He was sentenced on September 12, 2001 to eight months of “open custody,” one year of probation, restricted use of the Internet, and a fine.