Friday, May 7, 2010

Who Commits a Cyber Crime

There is a growing convergence of technically savvy computer crackers with financially motivated criminals. Historically, most computer crime on the Internet has not been financially motivated: it was the result of either curious or malicious technical attackers, called crackers. This changed as the Internet became more commercialized. Financially motivated actors, spammers and fraudsters, soon joined crackers to exploit this new potential goldmine. Cyber Criminals have fully adopted the techniques of crackers and malicious code authors. These are financially motivated people, who pursue their goals considerably more aggressively than an average cracker. They have the monetary means to buy the required expertise to develop very sophisticated tools to accomplish their goals of spamming and scamming the public.
The perpetrators of these attacks vary considerably. At the low end are script kiddies, who are usually unsophisticated users that download malicious software from hacker web sites and follow the posted instructions to execute an attack on some target. These attacks are often only annoyance attacks, but they can be more severe. At the next level are hackers who are trying to prove to their peers or to the world that they can compromise a specific system, such as a government web site. Next are insiders, who are legitimate users of a system that either access information that they should not have access to or damage the system or data because they are disgruntled. Insiders are often less knowledgeable then hackers, but they are often more dangerous because they have legal access to resources that the hackers need to access illegally.
Next are organizational level attacks. In this case, the organization’s resources are used to get information illegally or to cause damage or deny access to other organizations to further the attacking organization’s gain. These can be legitimate organizations, such as two companies bidding on the same contract where one wants to know the other’s bid in order to make a better offer. They could also be criminal organizations that are committing fraud or some other illegal activity. At the highest level is the nation state that is trying to spy on or cause damage to another state. This level used to be called “national lab” attackers, because the attackers have a substantial amount of resources at their disposal, comparable to those that are available to researchers at a national lab, such as Los Alamos Laboratory or Lawrence Livermore Laboratory. After the September 11, 2001 terrorist attacks on the World Trade Center, the idea of nation state level cyber attacks being carried out by terrorists became a big concern.

No comments:

Post a Comment