Cybercriminals – Who are they?

Cybercriminals – Who are they?

There is a lot of classification of the various types of hackers but the terms “hacker,” “cybercriminals,” and “identity thief” are often interchangeably used.Cybercrime is a criminal activity that involves computers, networked devices, and networks. It is defined as a crime in which a computer or object is used as a tool to commit the crime. 


Cybercrime is at an all-time high, costing companies and individuals billions of dollars a year. Moreover, with the expansion of global cyber-criminal networks and credit, increased opportunities and financial incentives have created various types of cybercriminals that pose a significant threat to governments, businesses, and individuals alike.  


Identity theft is one of the oldest Internet crimes that gained prominence in the early years of the Internet. Identity thieves are cybercriminals who attempt to access the personal data of their victims, such as names, addresses, telephone numbers, places of work, bank accounts, credit card data, and social security numbers. They then use this information to make financial transactions and imitate their victims for personal gain.  


Identity thieves target organizations that store people’s personal information, such as schools and credit card companies. Cybercriminals also target the private information and business data of individuals that are stolen and resold. However, the primary effect of cybercrime is financial, which includes many different types of for-profit criminal activities such as ransomware attacks, email and Internet fraud, identity fraud, and attempts to steal financial accounts, credit cards, and other payment card information. Also, there are groups motivated to commit cybercrime for non-financial reasons such as revenge, states wanting to disrupt opposite governments for political purposes, protest over a cause or belief, terrorism, and much more.


Large, organized crime groups find new ways to commit old crimes online, treat cybercrime like business, and form global criminal communities. These illegal communities share strategies and tools and can join forces to carry out coordinated attacks.  


In general, we could categorize cyberthreat actors into four distinct groups that apply different cyberattack tactics and have specific motivations to act. They are: 




These threat actors focus on making money. The key to preventing cybercriminals is to make their actions more expensive than profitable so that they turn to a different target. They may be members of organized crime gangs or petty criminals who seek to capitalize on technology to seal and sell data to make money. 


The key points to consider for this category of cyberthreat actors are: 


  • Cybercriminals are driven by profit. Reducing potential profits can deter a cybercriminal’s interest in the attack strategy and thus reduce their time invested into committing it. 
  • Many cybercriminals are freelancers who take on different jobs for a fee. They can be hired by any company or state that needs to do some hacking without their own hands dirtying the work, and they’ll get to it with just one phone call from someone in need. 
  • Large, organized cybercrime groups are the modern-day mafia. They operate over a global network. Organized crime is shifting its focus from physical robberies to cybercrime. This means less risk for arrest and higher profit potentials – a perfect match! 
  • Some cybercriminal organizations are getting so good at hacking into people’s information that they even set up call centers dedicated to specific attacks, such as making phone calls to deliver socially engineered attacks or sending phishing emails. These criminals will go through the same steps of setting up an actual business – providing full-time jobs for employees and all the benefits a company would offer its workers. 




Their convictions drive these threat actors. Anonymous, an infamous hacktivist group that targets people or organizations they feel have violated human rights or other political agendas and need to be punished, is a prime example of this. Defending against these hackers is different from defending against typical cybercriminals because they do not care about money; they simply want “justice” for what has been done in violation of social norms according to their perception and understanding of right and wrong. 


The key points to consider for this category of cyberthreat actors are: 


  • It is not uncommon for hacktivists to be associated with conspiracy theories, including those involving anti-government concepts. In addition, they will often use technology to manipulate data for political purposes. 
  • Hacktivists who are motivated by a cause rather than profit make it much more likely that they will target specific entities, especially when compared to financially driven adversaries. 
  • Hacktivists have caused major breaches. Some notable ones would include the Sony data breach and Sony Playstation network hack by the LulzSec group. In 2012, the Anonymous group shut down the CIA’s website for more than 5 hours. 
  • Hacktivists can contract cybercriminals to help with their mission as well as for burst support based on the issue they are addressing or pay hackers a bounty if they find vulnerabilities in an organization’s system. 


State-sponsored actors 


These threat actors are similar to hacktivists because they are driven by a cause based on the state that sponsors them. Most governments have invested money into cyberwarfare research and development, with many of these countries supporting hacking operations as well. Any large-scale war will include disruption or destruction of infrastructure using cyber exploitation tactics like malware infections, denial-of-service attacks (DDoS), data breaches, etc., which means that any government’s critical infrastructure – such as power grids or nuclear reactors – must take special measures to defend against these threat actors. 


The key points to consider for this category of cyberthreat actors are: 


  • There is an elite class of state-sponsored cybercriminals that are very well funded. 
  • Most countries have limited knowledge of what other nations’ cyber capabilities look like “under the hood.”  
  • International-based crimes pose a difficult challenge for enforcing laws against such crimes. 
  • State-sponsored cybercrime is typically a very targeted attack that often goes unnoticed until it’s too late. It’s referred to as an advanced persistent threat, or APT for short. 
  • Many organizations are not equipped to hold their own against a state-sponsored attack. 




Terrorists are living in the digital age, and they’re not afraid to use any means necessary. Modern-day terrorists have technology on their side–technology that can be used for harm or good depending on who’s using it. From a malicious hacker causing widespread panic with an attack like WannaCry, to cyberterrorists leveraging pre-built scripts against vulnerable networks of systems; these threats come from everywhere now more than ever before because we live in such a connected world today where everything is interconnected through computers and devices which makes us all susceptible at one point or another to some type of social engineering scheme by someone looking just for our bank account number or trying to use your credentials to get access to organizations you may have access to. 


The key points to consider for this category of cyberthreat actors are: 


  • Terrorists have wanted to use cyberterrorism for some time now, and there are a number of ways they can do so. Cybercriminals often work as independent contractors who specialize in causing destruction; this is true with terrorists too. 
  • Cyberterrorists have changed the cybersecurity industry, prompting requirements for multifactor authentication and improved password policies in order to reduce the risk of global events caused by cyberterrorism. 
  • With cyberattacks on the rise, many people are justifiably concerned about their privacy and security. The compromised systems of some unwitting victims became part of an attack when they unwittingly helped spread malware through a phishing email or acted as gateways to networks during a hacking attempt. 


Another type of threat actors is often overlooked is the Insider threat. Insider threats are people – employees or former employees, contractors, business partners, or suppliers – who have legitimate access to an organization’s networks and systems and uses this access to obtain personal data or disclose sensitive information. Insider threats are more common in industries such as healthcare and finance, government institutions and can put information security at risk. They can be challenging to detect because threat actors often have legitimate access to an organization’s systems and data. 


Cybersecurity is an ongoing battle that many businesses and organizations have trouble keeping up with. The threats are constantly changing, which can make it difficult to assess the best way to protect your business or organization from cybercriminals who want nothing more than get your data for their own gain. Consider cybersecurity as a part of your strategic plan- don’t wait until disaster strikes before taking action! Ensure all devices in use by employees are secured against malicious viruses, spyware, malware, etc., and do not store sensitive information on any device without encryption software enabled. 



Contact Us 


No Comments

Sorry, the comment form is closed at this time.