In our hyper-connected society, we can only assume our dependence upon technology will grow in the future. Most of us now carry a smart phone as well as owning a computer or tablet, each containing sensitive pieces of our personal information such as credit card details, usernames and passwords. As our dependence upon technology increases, so too does the sophistication and prevalence of cyber attacks.
This requires us to have a greater understanding not only what a cyber threat is, but the types of attacks that can be carried out and by whom. The importance of ensuring your personal information and business data is adequately protected in now paramount, with the non-government cost of cyber crime in Australia as high as $2 billion annually. Furthermore, it was estimated that in 2012, 5.4 million Australians were victims of cyber crime.
What is a Cyber Threat?
As exciting as all of the digital advances we are making are, it has also impacted the ever-changing landscape of cyber security. Cyber attacks are becoming more sophisticated and targeted, creating an ongoing challenge to continually protect and detect cyber threats that may compromise our sensitive data.
In better protecting yourself against potential cyber attacks, education is the key. Firstly, understanding what a cyber threat constitutes is important in appreciating how or why these attacks are carried out.
According to the CSIRO, a cyber threat can be defined as:
- Any identified effort directed towards access to, exfiltration of, manipulation of, or impairment to the integrity, confidentiality, security or availability of data, an application or a (federal) system without lawful activity.
- The possibility of a malicious attempt to damage or disrupt a computer network or system.
It is important to note however, the above definitions highlight that the threats are intentional and intended to cause damage or disruption, but not all threats are in fact intentional. Accidental or neglectful activities can be considered unintentional cyber threats as the accidental leakage of important information for example, can also cause similar damage to that of a malicious and targeted cyber attack.
What Types of Cyber Threats Are Out There?
It can be quite overwhelming when hearing about the various types of cyber threats out there, and what each of them specifically mean. Cyber threats are made up of a number of factors. These include:
- The types of technologies used to carry out an attack (e.g. Trojans and worms)
- The techniques used to carry out an attack (e.g. spamming)
- The purpose of carrying out the attack or intent (e.g. data breach or financial gain)
- The person carrying out the attack (e.g. cyber criminals or insiders);
- and technology trends (e.g. the cloud)
Who Carries Out A Cyber Attack and Why?
A person or group of people who carry out cyber attacks can be defined as ‘threat actors’. Their characteristics vary in terms of their motivations behind their cyber crime, their technical capabilities and whether they are hostile (intentionally committing cyber crime) or non-hostile (unintentionally posing a cyber threat).
Threat actors can therefore be grouped according to these common characteristics:
Script Kiddies or Cyber Vandals
Script Kiddies or Cyber Vandals are a hostile type of threat actor who have a low to medium capability level in terms of carrying out cyber attacks. They are generally looking for a challenge and carry out attacks to simply play a prank or just to prove they can, while also causing damage in the process.
Can be classified as individuals who are currently or were previously employed by an organisation in any type of capacity, who were able to obtain varying levels of access to sensitive information and therefore abuse their employee privileges. Their motivation may stem from dissatisfaction with the employer or for financial gain.
Hacktivists can be individuals or form as a group to carry out cyber attacks in support of a central cause. Their technical capability can vary from low to high however it isn’t uncommon for other threat actor profiles to join Hacktivists in their attacks to support a particular ideal. Embarrassing or exposing the target to get public attention are motivators.
This type of threat actor operates in the business world often to gain a competitive advantage over rivals. They are seeking to gather intelligence and commonly commit data breaches when competing for revenues and resources.
This type of threat actor have access to significant resources and have specialist skills, as they tend to undertake cyber crime professionally and purely for financial gain. They commit such online crimes as fraud, ransomware and can be responsible for delivering malicious tools. The organised crime threat actor is often well connected to other criminal networks.
In cyber security terms, a terrorist threat actor is an individual who uses online technology to carry out malicious activity. This may include violence or the threat of violence to evoke fear in others, or to bring about social or political change. They may seek to take over critical infrastructure or communications or infiltrate government systems, with a medium to specialist level of capability.
Nation states can be identified as an individual or group who form part of a country’s government. This type of threat actor is particularly malicious in the sense that they are highly strategic and endeavour to access classified information which may be political, economic or military in nature. They are specialists in their activities and often carry out attacks to obtain a position of power.
As mentioned, cyber threats can originate from unintentional sources as well as intentional, such as the threat actors listed above. Unintentional cyber attackers can also be classified into threat actor groups depending on how they compromise data. Employees for example, form a threat actor group as they can unintentionally or accidentally become a threat as a result of poor training in cyber security practices, or through shortcutting safeguards to save time.
Information partners form another unintentional threat actor and can be identified as someone with whom a business has divulged sensitive information. Information partners can unintentionally or accidentally become a threat through not having sufficient cyber security measures in place to adequately protect the information of other businesses.
Finally, Researchers can be classified as individuals or groups who carry out cyber research. This may entail researching cyber security developments and challenges which can often lead to them highlighting existing weaknesses that can then be targeted by hostile threat actors.
When considering all of the known types of cyber threats, and who carries out these cyber attacks and their motivations, it is obvious that we are constantly fighting an online battle against numerous groups. With advancements in technology and the move towards a digital world, these types of threats are only going to increase as threat actors also become more educated and sophisticated in their techniques. It is therefore extremely important that we exercise all cyber security measures available to us to ensure we do not become a target of a cyber attack, or if we do, that we are adequately prepared to deal and recover from a cyber crime event.