By understanding the different types of cyber attackers and how they operate, we can make rational decisions on the level of security required, the probability of attack and how to allow business processes to continue unobstructed.
Attackers, known as adversaries, have different capabilities and different motivations for launching attacks. Here we describe the most common types.
Motivated by mischief . Tend to perform attacks individually. Limited capability and skillset.
Motivated by feelings of being wronged or on behalf of others. Vengeance driven. Tend to act in groups. Skilled attackers.
Motivated by greed. Usually well financed due to their activities.
Motivated by power and domination. Most skilled and financed group.
Security perimeters can be breached by malware, zero day exploits, social engineering and compromised downloads. Once inside, the attacker may not have the privileges necessary to create real damage so they will try to escalate their privileges to that of ROOT or SYSADMIN. Once this has been achieved, they can then download and install further malicious software and create a back door to allow access even after their presence has become apparent. They may also copy and send sensitive data to a command and control centre or install ransomware.
Stop the kill chain in its tracks. Use defence in depth techniques such as firewalls, IDS, IPS. Use granular access control on files. Use white-listing of applications. Use multi-factor authentication. Take away admin privileges from non-security accounts. Make sure staff are adequately trained. For a full list of techniques, contact us.
Our expertise in all areas of security is always on-hand. Contact us to know more.
We can provide security as a service packages or deliver full security programs including training.