New research from BAE Systems has unveiled the six different cyber criminal personalities that represent the biggest threats to Australian businesses.
The company said it has released the research in anticipation of the upcoming launch of the Australian Government’s Cyber Security Review.
The research, The Unusual Suspects, profiles six prominent types of cybercriminals, exposing how they cause harm, and provides practical guidance for companies to defend themselves.
Threat intelligence experts at BAE Systems developed The Unusual Suspects based on extensive analysis of thousands of cyber attacks on businesses to reveal the motivations and methods of the most common types of cybercriminal, the company explains.
BAE Systems says the research shows the increasing industrialisation of cyber crime.
Dr Rajiv Shah, regional general manager, BAE Systems Applied Intelligence, Australia and New Zealand, says with the majority of Australian businesses still practising a traditional, perimeter-based security approach, the Unusual Suspects is intended to help enterprises understand the enemies they face so they can better defend themselves.
“Some cyber criminals are becoming even more professional, offering skills and services, such as project management, to other criminal organisations,” Shah explains.
“They are writing their own software that comes with service agreements and money-back guarantees if the code gets detected, with the promise of a replacement,” he says.
“This ‘industrialisation’ of cyber crime means it has never been more important for businesses to understand and protect themselves against the risks they face.”
BAE Systems has profiled six cybercriminals:
- The Professional – career criminals who ‘work’ 9-5 in the digital shadows
- The Insider – disillusioned, blackmailed or even over-helpful employees operating from within the walls of their own company
- The Mule – naive opportunists that may not even realise they work for criminal gangs to launder money
- The Nation State Actor – individuals who work directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities
- The Activist – motivated to change the world via questionable means
- The Getaway – the youthful teenager who can escape a custodial sentence due to their age
Sergei Shevchenko, senior security researcher, BAE Systems Applied Intelligence, says the majority of attacks are still motivated by short term financial gain, such as the theft of card payment details.
However, Shevchenko says cyber criminals can also seek out an organisation’s intellectual property. Once cyber criminals steal business data, they are able to sell it on underground forums where Australian data is highly valued, he says.
“We anticipate that organised cyber criminals will go to greater lengths to improve their own operational security and increase their use of deception; that is, the placing of false flags to throw off researchers and hamper attribution,” Shevchenko explains.
“Researchers will need to tread more carefully to effectively guide the enforcement activities by the relevant authorities.”
According to Shah, Australian businesses can prepare for the forthcoming Cyber Security Review by making sure they understand the risks to their organisation; by making sure they elevate cyber risk to be considered at a board level; and, by making sure their approach to cyber defence takes into consideration the full range of motivations of a potential attacker.