These cyberthreat actors present the most risk to insurance | #computerhacking | #hacking | #hacking | #aihp

State-sponsored actors

Well financed and organized, hackers with backing from foreign nations are among the biggest threats to reinsurance and potential cyber victims, according to CyberCube.

Known for leveraging sophisticated operators and mature procedures, the objective of state-sponsored actors are politically motivated and are most often used for espionage purposes. However, distributed denial of service attacks, destructive wiper malware, misinformation, influence operations and hits on critical infrastructure as also in their playbook.

These attacks tend to be more strategic, and can be in the works for months and even years. Common targets for nation-state actors include government and non-government organizations, think tanks, key intellectual property and public utilities.

(Credit: Dmitry Nogaev/AdobeStock)

Organized crime

In the past decade, the cybercrime environment has shifted from a few organized gangs and thousands of individual operators to a mature worldwide network featuring corporate-like structures and well-developed software supply chains.

This turn to a more mature operating model is exemplified by the current trend of ransomware-as-a-service, which allows more established organizations to continue generating profits from the cybercrime ecosystem, while reducing their exposure. In turn, less sophisticated cybercriminals can gain access to more advanced tools with a relatively small investment, according to CyberCube.

As profit is the motivation, any trend seen in cybercrime will reflect the area and attack types that can draw the most profit for the least effort. At present, ransomware is the preferred method for extracting funds, and CyberCube reported that the trend shows no signs of slowing.

(Credit: Anatoliy Babiy/Fotolia)

Hacktivists

Not as defined or systematized as nation-state or organized gangs, hacktivists use the internet and security vulnerabilities to attack targets in the hopes of effecting political or social change. Actors in this sphere display a range of skill and capability levels.

The most well-known of these threat actors is the group Anonymous, a decentralized global network known for attacking government institutions and agencies, corporations and the Church of Scientology. With no established leadership, no action can be attributed to the members as a whole. However, associates of the group will often publicly take credit for an attack.

Most recently, the group said it hacked one of Russia’s more predominant law firms and released 1TB of data, including files, emails, court files, client files and backups.

(Credit: Diego M. Radzinschi/ALM)

From hacktivists to groups operating with support from hostile nations, the cyberthreat landscape is not for lack when it comes to those wishing to harm businesses. While they might sport similar tactics, the reasons hackers do what they do range from pure greed (see ransomware gangs) to supposedly altruistic purposes.

Global damages related to cybercrime are expected to reach $10.5 trillion by 2025, CyberCube reported, which noted understanding the why behind an attack is vital for underwriting and brokering cyber risks.

“While cybercrime is the subject of considerable research, most of it is focused on specific types of attack. In our view, we need to know more about the threat actors behind these attacks. The more we understand their motivations and allegiances, the more we can predict their moves,” Darren Thomson, head of cyber intelligence services at CyberCube, said in a release.

State-sponsored actors, organized crime and hacktivists, or those hacking to effect social or political change, are the three types of groups most likely to attack businesses in “Western democracies and businesses while creating systemic risk that leads to risk aggregation and large financial losses,” according to Thomson.

The above slideshow reviews each of the cyberthreat actors, breaking down their motivations and tactics, according to research from CyberCube.

Related: