Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Guest View: Profiling four types of hackers

Stree Naidu | Aug. 2, 2013
For the security industry, it is important to know the different types of hackers – Hacktivists, Cyber Criminals, Insider Threats, and State-sponsored Hackers.

Granted, these are all large multinational companies. But hacktivists do not discriminate against smaller corporations in local markets that have some level of visibility. In Singapore, hacktivists have had their fair share of success defacing websites of organisations such as People's Association, Eu Yan Seng, and more.

Hacktivists' preferred methods of attack? DDoS and especially SQL injections, the primary modus operandi for hacktivists. Despite this, many organisations are not investing in Web Application Firewalls (WAFs) to address SQL injections.

2. Cyber Criminals

Cyber criminals, as the name suggests, are often linked to larger criminal organisations. Operating in either small or large groups, this group of hackers is driven solely by profit. They find new ways to commit old crimes, treating cyber crime like a business and forming well-organised global criminal communities.

Cyber criminals share strategies and tools with one another and can combine forces to launch coordinated attacks. They even have a rich underground economy where they can buy and sell stolen information and identities.

These professional criminals usually target organisations with a global network and deploy sophisticated and extremely varied methods such as zero day exploit codes, botnets, and web exploit kits. For example, in November 2012, a hacker was offering a zero-day exploit for Yahoo Mail for US$700 that would enable an attacker to use a cross-site scripting (XSS) vulnerability to steal Web browser cookies and hijack accounts.

3. Insider Threats

An Insider Threat is defined as a trusted person who has access to intellectual property (IP) or data, and who uses that information outside of acceptable business requirements. This misuse of information may be due to malicious intent, an accident, or compromise by outsiders.

One of the key hurdles security teams face is altering employee perceptions about data and IP ownership. Startling attitudes were revealed in a 2010 street survey that Imperva conducted with 1,000 working professionals in London. Seventy percent of respondents say they planned to take either IP or customer data with them when they left their current job. A majority of the employees surveyed felt that they own the data, and therefore felt justified in taking it. And this is not just a phenomenon of Western culture - the temptation to access or procure company property, including data, is cross-cultural and part of human nature.

Then there are also employees who unknowingly "help" hackers in their attacks. Only one employee has to be compromised for an attacker to burrow into a company's network and filch IP, steal data, and inadvertently become an Insider Threat.

How do hackers target these employees? They first leverage social media to identify an individual within the targeted organisation. For instance, LinkedIn is a fantastic tool for hackers to identify a database administrator at an organisation, and then using the available contact information for spear phishing purposes.

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.