Types of Attacker.

• It is helpful to identify different types of attackers.
• Sort of on a level from low to high.
• The script kitty
  • Finds a POC and decides to try it out.
  • Probably just playing around
  • Probably very little intent to harm.
  • But can be a problem.
  • Every hold poked in a system provides a new vulnerability
• Student/curious hacker
  • Looking for a challenge or trying to learn more.
  • Probably not a major threat for damage.
• Lone hacker looking for more fame/money/revenge/...
  • Probably a larger threat
  • See this Video
  • Can be very dangerous.
• Organized groups
  • Probably aimed at government, or "evil" institutions
  • Hactivists
  • Many more resources (computer, software, human)
• Organized crime
  • As a side line to launder money
  • As a main line of income.
  • Much more dangerous
  • Potentially many more resources.
• Terrorists and official government activity
  • Potentially Unlimited resources
  • Stuxnet
  • You should read the side bar 1-2 on page 20.
• Advanced Persistent Threat
  • See The NIST definition

    An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders' efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.

  • Look at the Target case.
    • More Details