Cybercriminals and hackers come in all shapes and sizes. Know your enemy and understand their motivations, skills, and modus operandi to keep your organization secure.
Here are some examples of the most prevalent threat actors businesses currently face.
Advanced Persistent Threats (APT)
APTs are hackers whose objectives include espionage and subversion for financial or political gain. Often state-sponsored, APTs are stealthy, cunning and leverage the most advanced attack vectors and malware.
Nation state groups rely heavily on spear phishing to compromise a specific user. Escalating privileges and deploying malware to exfiltrate data is often the next step.
Public sector, utilities and critical infrastructure
EXAMPLES OF APT GROUPS
| Aliases | APT1, The Comment Group |
| Case Background | The cyberwarfare unit of the Chinese People’s Liberation Army that focuses on stealing trade secrets and confidential information from corporations worldwide. |
| Case Background | A cyberwarfare and intelligence-gathering unit associated with the NSA. Among many capabilities, it has the ability to compromise commonly used hardware such as routers, switches and firewalls. |
| Origin Country | North Korea |
| Case Background | Responsible for various attacks over the past decade, including Ten Days of Rain, the 2014 Sony breach and WannaCry. Spear-phishing campaigns that deploy malware are its specialty. |
| Aliases | Fancy Bear, Pawn Storm, Sofacy Group |
| Case Background | A cyber-espionage group associated with Russian military intelligence agencies and known for different exploits and spear-phishing attacks to deploy customized malware. |
Disgruntled employees aren’t just bad for morale; they’re a clear and present danger whose objective is profit, shame or espionage.
Look for unauthorized hardware placed in sensitive areas, such as USB drives, rogue access points or network hardware plugged into other devices.
Typically, insider threats can fall into four categories:
A law-abiding citizen who seizes the moment and steals digital goods for profit
Motivated by the fact that their company wronged them, they collect/steal sensitive data
Employees who deliberately gain access to positions that allow them to commit fraud
An individual who is employed by an organization with the sole purpose of stealing data and IP