If the Internet has one enduring constant, it’s that somewhere, somehow, somebody is being hacked. Last month cyberassaults on banks, including BB&T (BBT), Citigroup (C), and SunTrust (STI), made headlines. But a recent Ponemon Institute survey reported that the average company is attacked twice a week and loses $8.9 million a year to cybercrime. Security analysts say the first thing businesses must know is just what types of threats are lurking in the shadows. While many hackers use relatively basic tools, such as phishing or malware, they often wield them with different motives. Here are six of the most effective actors.
1. State Sponsored
Who: China, Iran, Israel, Russia, U.S.
Objectives: Intelligence, state secrets, sabotage
Targets: Foreign governments, terrorists, industry
Signature: Multi-tiered, precisely orchestrated attacks that breach computer systems
Classic Case: One-fifth of Iran’s nuclear centrifuges crashed after Stuxnet, a worm reportedly developed by U.S. and Israeli intelligence, penetrated computers at an Iranian enrichment facility. Iran allegedly retaliated by disrupting access to the websites of J.P. Morgan (JPM), PNC (PNC), Wells Fargo (WFC), and others.
Who: Anonymous, AntiSec, LulzSec
Objectives: Righting perceived wrongs, publicity, protecting Internet freedoms
Targets: Bullies, Scientologists, corporations, governments
Signature: Leaking sensitive information, public shaming, creepy YouTube videos
Classic Case: The websites of PayPal, Visa (V), and MasterCard (MA) were disrupted during Operation Payback, an Anonymous-led effort to punish companies that suspended the accounts of WikiLeaks in 2010. Some $5.6 million was lost by PayPal alone.
Who: Nigerian “princes,” carders, identity thieves, spammers
Targets: The gullible, online shoppers, small businesses, data-rich health care and retail companies
Signature: Stealing data, looting bank accounts
Classic Case: Coreflood, malicious software that records keystrokes and passwords, infected 2.3 million computers in 2009, some in police departments, airports, banks, hospitals, and universities. Affected companies suffered six-figure fraudulent wire transfers.
4. Insider (You)
Who: Disgruntled employees, contractors, whistleblowers
Objectives: Score-settling, leaks, public good
Targets: Large companies, governments
Signature: Document theft
Classic Case: Maroochy Shire, an Australian district along the Sunshine Coast in Queensland, was inundated with millions of gallons of untreated sewage in 2001 when a contractor hacked and took control of 150 sewage pumping stations. He had been passed over for a job with the district. His dirty work cost Maroochy Shire upwards of $1 million.
5. Script Kiddie
Who: Bored youth
Objectives: Thrills, notoriety
Targets: Low-hanging fruit such as unprotected websites and e-mail accounts
Signature: Defacing or dismantling websites
Classic Case: An e-mail subject-lined I LOVE YOU duped people — some of them inside the Pentagon — in 2001. The virus it contained, which originated in the Philippines, destroyed files and simultaneously replicated itself, seeding in-boxes as it went. The so-called Love Bug caused an estimated $10 billion in digital damage and lost productivity.
6. Vulnerability Broker
Who: Endgame, Netragard, Vupen
Objective: Hacking as legitimate business
Signature: Finding so-called zero-day exploits, ways to hack new software, and selling them to governments and other deep-pocketed clients
Classic Case: French firm Vupen hacked Google’s (GOOG) Chrome browser at a security conference last March. Rather than share its technique with the company (and accept a $60,000 award), Vupen has been selling the exploit to higher-paying customers.