The Unusual Suspects: Cyber threats, methods and motivations

They’re the unseen, threatening, mysterious adversaries your business must defend against. But holding them up to the cold light of day diminishes their power – and helps defeat their attacks.

The cyber threats organisations face are created by human beings, people who make mistakes and have foibles and weaknesses. At BAE Systems, we think that understanding the threat actors you face is the cornerstone of a strong business defence. These are the Unusual Suspects.

The Activist

Whatever their cause, it’s a burning one – and the Activist takes their political, religious or social cause outside the rule of law and on to the Internet.

The Activist targets adversaries with data theft, reputational damage and the defacement of web sites and social media accounts. The Activist’s tactics can be crude and impulsive – but they’re also often singularly effective. They may also be a smokescreen for other activities and threat actors.

Learn more about the activist

The Getaway

They’re too young to go to jail – and know that, even if they’re caught, they’ll get away with little more than a slap on the wrist for their actions.

Often blessed with merely basic hacking skills, the Getaway is curious, keen to learn, and also keen to impress peers or more senior cybercriminals.

They may not understand the consequences or illegality of their actions.

Learn more about the getaway

The Insider

The most difficult Suspect to counteract, the Insider might be a disgruntled or negligent employee, a commercial spy, victim of coercion or even a well-meaning innocent.

Their position inside the castle walls enables them to bypass security controls with ease, copying data onto USB drives, giving away passwords or even installing malware deliberately. Regardless, the Insider leaves a swath of destruction in their wake.

Learn more about the insider

The Mule

The Mule is a casual criminal or naive opportunist who makes up the final link in the cyber crime chain.

They’re the most vulnerable to arrest, as they turn the proceeds of Internet-based criminal activity into cold, hard, untraceable cash.

That might involve selling goods bought with stolen credit card details, or turning funds transferred into their personal bank account into wire service cash.

Learn more about the mule

The Nation State Actor

They’ve a ‘Licence to Hack’ - and they often work for a business bankrolled by, or connected opaquely to, those in power.

The Nation State Actor rarely acknowledges their actions and often goes to great lengths to cover their tracks, while other Suspects loudly claim recognition for their labours. Their tactics, tools and activities often represent the state of the art in cyber attacks, so are often mimicked or stolen by other Suspects.

Learn more about the nation state actor

The Professional

They work at what looks like a legitimate ‘9 to 5’ job – but it’s anything other than law abiding.

The Professional has built a career out of committing or supporting cyber crime, and is highly risk-averse.

They may run a botnet, maintain an organised crime supply chain, or sell cyber crime tools to others. In the process they will have built a criminal network of consultants, contacts and specialists.

Learn more about the professional

Get in touch and talk to one of our experts today, or download the overview to find out more:

Download The Unusual Suspects Overview Contact us