A UK-based business IT support company has completed a new piece of research into the different types of hackers that exist. They have identified the Mules, the Professionals, the Nation State Actors, the Activists, the Getaways and the Insiders. They warn that companies are always under threat from one of these and that behind each attack sits a real person.
Large security companies are often tested by hackers. Some face as many as two large scale cyber-attacks each week. UK-based business IT support company Flair4IT has released new information on the types of hackers that are actually out there. In building this understanding, they also hope to help businesses understand the threats that they face.
Through their research, Flair4IT has been able to identify six different hackers. They all have different methods and they have different motivations. Hackers can be anyone from a teenager trying to become famous in certain circles, to huge criminal rings trying to commit fraud. Governments, meanwhile, are also paying attention to this research. This is because hacking is a new type of warfare, and one that the military seems to be losing.
“Behind each attempted hack is a human being,” says a Flair4IT representative. “Each of these has their own motives and their own operational methods. It is important to understand this in order to protect yourself against them as well. These people are professionals now, and cyber-crime has become industrialized. There are software programmers, entire telephone support scams and more and these are hugely elaborate. Sometimes, they even come with money back guarantees and privacy policies to dupe people! Being a hacker, for many, is now a 9 to 5 job.”
The first type of cybercriminal identified is the mule. A mule is an opportunist and quite naïve. They often don’t know that they work for a criminal gang. They often fall for a make money from home schemes. Sometimes, they do gain an understanding of what they are involved in, but continue to do so because they are afraid of the organization, or because they like the money.
Secondly, there are professional hackers. They use technology so that it is less likely to get caught committing a crime. They may pretend to be a support business, for instance. They often operate out of different countries, making it even harder to get caught.
Then, there are nation state actors. These are hackers who are government employed, directly or indirectly. Some of them are in uniform. Their goal is to disrupt the ability of someone else to create an international incident. These are the most advanced hackers, with the most sophisticated abilities. They often target infrastructure as well.
Fourthly, there are the activists. These promote a cause, politics or religion online. They may not be experienced hackers, but can steal data or disrupt their targets. They are generally seen as less of a threat.
The fifth type is the getaway, which is a person who is too young to face charges and know they will only get a slap on the writs. However, they are professionals in training and they learn fast.
Finally, there are insiders. These are employees in a company that have been disillusioned or that are blackmailed. Edward Snowden is an example, but he was unique in this. “Most insiders don’t wake up one morning and decide to release state secrets to the world,” adds the Flair4IT support officer. “Rather, they often sell contact lists or letterheads, not thinking it will do anyone any harm. It is important that HR departments are aware of these types of hackers, because they are often indivertibly dangerous.”