Classifying Cybercriminals


Cybercrime is criminal activity that either targets or uses a computer, a computer network, or a networked device. According to Norwich University, cybercrime has quickly become one of the fastest rising forms of modern crime, with approximately 1 million potential cyberattacks attempted per day. As technology evolves daily, this number is likely to increase. Trend Micro stated that laws related to cybercrime continue to evolve across various countries worldwide, and that law enforcement agencies are continually challenged when finding, arresting, charging, and proving cybercrimes. This post will discuss five different classifications of cybercriminals.

1. Script Kiddies - Someone who lacks programming knowledge and uses existing software to launch an attack. This class of cybercriminal typically uses current, frequently well-known, and easy-to-find techniques, programs, or scripts to search for and exploit vulnerabilities in other computers on the Internet, often randomly and with little regard for, or perhaps even understanding of, the potentially harmful consequences.

2. Insiders - Someone with authorized access to company assets who uses that access, whether maliciously or unintentionally, in a way that harms the business. An insider threat typically involves a current or former employee or business associate. There are usually three types of insider threats: the malicious insider, better known as a turncloak; the careless insider, an innocent employee who unknowingly exposes an organization to external risks; and the mole, technically an outsider who has gained insider access to a privileged network.

3. Advanced Persistent Threats (APT) - An unauthorized actor who gains access to a network or system and remains there for an extended period without being discovered. The motives of advanced persistent threat actors are varied. For example, attackers sponsored by nation-states may target intellectual property to gain a competitive advantage in specific industries. In contrast, others may be sponsored by organized crime groups to obtain information they can use to carry out criminal acts.

4. Hacktivists - Groups of criminals who unite to carry out cyberattacks to support political causes. According to Check Point, however, hacktivist groups' motivations vary and may include more than political reasons. Revenge, social incentives, ideology, protest, a desire to embarrass specific organizations or individuals within those organizations, or sometimes sheer vandalism are examples of other motivators hacktivist groups may have.

5. Lone Wolf (Black Hat Hacker) - A hacker who breaks into a computer system or network with malicious intent, usually for monetary gain. Lone wolf attackers are difficult to track, and cyber lone wolf actors are equally difficult to find because they operate individually and on the Dark Web, which is known for its anonymity. As a result, lone wolf threat actors are a powerful force in the cybercrime underground.