Cyberattacks and data breaches happen worldwide, and no one is immune. Your business needs to protect its networks and systems, and secure sensitive data. But how much do you know about the types of cybercriminal out there. This roundup discusses the biggest threats and what they’re after.
Online crime is a lucrative industry. Cybergangs go online to offer “crime as a service.” Their targets vary and can be spread out globally. In 2019, one international crime gang stole £100 million from more than 40,000 victims. Culprits were found in the US, Bulgaria, Germany, Georgia, Moldova, and Ukraine. Victims included small businesses, law firms, international corporations, and nonprofits.
Many of these bad guys may have started out in the digital environment, but well-established street gangs are turning their attention to cybercrime too.
Typically well-funded and organised, cybergangs work long-term to mount large-scale attacks. They target banks, law firms, healthcare networks, and other big businesses.
Still, small businesses can be targeted by cybercrime gangs. You could be the first domino to compromise a larger, more lucrative target in your supply chain.
One nation pays an individual or group to target another country. On the digital battlefield this could mean:
- tampering with an election;
- infiltrating another country’s banking system;
- compromising critical infrastructure;
- accessing intelligence;
- creating incidents of international significance;
- engaging in propaganda, disinformation campaigns;
Australia recently announced a “sophisticated state-based cyberattack” on political and private-sector organisations.
State actors also used cyber techniques to damage Iran’s nuclear program. They left an infected thumb drive in the parking lot. A well-meaning staffer found the USB and plugged it into the facility computers. The virus caused Iran’s fast-spinning centrifuges to go into overdrive.
These attackers are often motivated by nationalism, but this doesn’t mean businesses are safe. A politically motivated cyber actor might target a hotel hosting an international convention or gain access to a government vendor to send false communications.
Also known as disorganised crime, this is the online equivalent of a petty thief. Many make their income stealing money from low-hanging targets.
Some Lone Wolves are only interested in proof-of-concept: hacking into businesses and governments to see if it’s possible, without doing any damage once they are inside.