Through a spear phishing campaign, or an exploit of a vulnerability, hackers gain access to the compromised user's machine and deploy malicious software that allows control and data gathering. Using credentials obtained from one of these compromised users, hackers can begin reconnaissance of company data. The prize might consist of competitive data, business plans, or illustrations of the network's architecture. Just like that, a hacker has a blueprint for success - and the data theft begins.
Mitigating Insider Threats requires best practices from an organisational point of view. Then there is the technology implementation. Ironically, this is both the easiest and the hardest part. The data centre, which often contains the most sensitive and important information, also happens to have the weakest security controls in place. The proven approach here is positioning a layer of security close to the data, such as database audit and protection (DAP), and file activity monitoring solutions.
4. State-sponsored Hackers
State-sponsored hackers are probably the most powerful, talented, and well-equipped hackers in the world, thanks to generous government funding. They are often recruited to infiltrate and gain top-secret information from other governments, and this usually mirrors real-world tensions between countries. Today, state-sponsored hackers are increasingly responsible for headlines regarding Internet spying and cyber warfare between nations around the world.
Since state-sponsored hacks are often specifically targeted, smaller businesses generally have less to fear. Large enterprises, however, may become the victim of hacks designed to steal trade secrets, and these can be hard to identify and defend against.
State-sponsored attacks have a well-defined, systematic, and highly organised attack methodology. Well-known cyber weapons include Stuxnet, Duqu and Flame. These are all examples of powerful malware the antivirus industry failed to address, and they continue to be prevalent today. Stuxnet, for example, is the world's first known "cyber missile", originally designed to sabotage special power supplies used almost exclusively in nuclear fuel-refining centrifuge systems. Later on, it was recognised as the world's first publicly known cyber super weapon - designed to cross the digital divide and destroy a very specific target in the real world.
This list of hackers is by no means exhaustive, but it provides a basic understanding of the key groups of people behind the biggest security threats that we face today. With this information, organisations can develop a more robust and comprehensive security strategy - one that should place a layer of security close to databases and file stores in the data centre as well as feature the ability to aggregate and validate attack data from Web Application Firewalls (WAFs), in order to protect against Hacktivists, Cyber Criminals, Insider Threats, and State-sponsored Hackers.