sb-as logo
Story image

Unmasking cyber criminals: research unveils six cybercriminal personalities

New research from BAE Systems has unveiled the six different cyber criminal personalities that represent the biggest threats to Australian businesses. 

The company said it has released the research in anticipation of the upcoming launch of the Australian Government’s Cyber Security Review.

The research, The Unusual Suspects, profiles six prominent types of cybercriminals, exposing how they cause harm, and provides practical guidance for companies to defend themselves.

Threat intelligence experts at BAE Systems developed The Unusual Suspects based on extensive analysis of thousands of cyber attacks on businesses to reveal the motivations and methods of the most common types of cybercriminal, the company explains.

BAE Systems says the research shows the increasing industrialisation of cyber crime. 

Dr Rajiv Shah, regional general manager, BAE Systems Applied Intelligence, Australia and New Zealand, says with the majority of Australian businesses still practising a traditional, perimeter-based security approach, the Unusual Suspects is intended to help enterprises understand the enemies they face so they can better defend themselves.

“Some cyber criminals are becoming even more professional, offering skills and services, such as project management, to other criminal organisations,” Shah explains.

“They are writing their own software that comes with service agreements and money-back guarantees if the code gets detected, with the promise of a replacement,” he says.

“This ‘industrialisation’ of cyber crime means it has never been more important for businesses to understand and protect themselves against the risks they face.”

BAE Systems has profiled six cybercriminals:

  • The Professional – career criminals who ‘work’ 9-5 in the digital shadows
  • The Insider – disillusioned, blackmailed or even over-helpful employees operating from within the walls of their own company
  • The Mule – naive opportunists that may not even realise they work for criminal gangs to launder money
  • The Nation State Actor – individuals who work directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities
  • The Activist – motivated to change the world via questionable means
  • The Getaway – the youthful teenager who can escape a custodial sentence due to their age

Sergei Shevchenko, senior security researcher, BAE Systems Applied Intelligence, says the majority of attacks are still motivated by short term financial gain, such as the theft of card payment details. 

However, Shevchenko says cyber criminals can also seek out an organisation’s intellectual property. Once cyber criminals steal business data, they are able to sell it on underground forums where Australian data is highly valued, he says.

“We anticipate that organised cyber criminals will go to greater lengths to improve their own operational security and increase their use of deception; that is, the placing of false flags to throw off researchers and hamper attribution,” Shevchenko explains.

“Researchers will need to tread more carefully to effectively guide the enforcement activities by the relevant authorities.”

According to Shah, Australian businesses can prepare for the forthcoming Cyber Security Review by making sure they understand the risks to their organisation; by making sure they elevate cyber risk to be considered at a board level; and, by making sure their approach to cyber defence takes into consideration the full range of motivations of a potential attacker.

Story image
Report reveals relationship between boardroom and cybersecurity investments
“While boards are definitely listening and stepping up with increased budget for cybersecurity, they tend to view any investment as a cost rather than adding business value."More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
“Combining Managed Sentinel’s Azure Sentinel deployment expertise with BlueVoyant’s MDR capabilities will help customers operationalise and maximise Microsoft security technologies."More
Story image
Majority of industrial enterprises face increase cyber threats since COVID-19
Leadership's top cyber security priority was implementing new technology solutions since the onset of the pandemic.More
Story image
Video: 10 Minute IT Jams – A glimpse inside a ransomware cell
This is our second IT Jam with SonicWall senior manager of product marketing Brook Chelmo, and in this video Brook walks us through his one-on-one experience with a member of a ransomware cell. More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More