Just before the recently launched Australian Government Cyber Security Review, BAE Systems unveiled research into the cyber criminals that represent the biggest threats to Australian business. The Unusual Suspects profiles six prominent types of cybercriminals, exposing how they cause harm, and provides practical guidance for companies to defend themselves.
Threat intelligence experts at BAE Systems have developed The Unusual Suspects based on extensive analysis of thousands of cyber attacks on businesses to reveal the motivations and methods of the most common types of cybercriminal.
The research shows the increasing ‘industrialisation’ of cyber crime. With the majority of Australian businesses still practising a traditional, ’perimeter based’, security approach, the Unusual Suspects is intended to help enterprises understand the enemies they face so they can better defend themselves.
“Some cyber criminals are becoming even more professional, offering skills and services, such as “project management” to other criminal organisations. They are writing their own software that comes with service agreements and money-back guarantees if the code gets detected, with the promise of a replacement. This ‘industrialisation’ of cyber crime means it has never been more important for businesses to understand and protect themselves against the risks they face,” said Dr Rajiv Shah, regional general manager, BAE Systems Applied Intelligence, Australia and New Zealand.
Who exactly are The Unusual Suspects?
BAE Systems has profiled six cybercriminals:
- The Professional – career criminals who ‘work’ 9-5 in the digital shadows;
- The Insider – disillusioned, blackmailed or even over-helpful employees operating from within the walls of their own company;
- The Mule – naive opportunists that may not even realise they work for criminal gangs to launder money;
- The Nation State Actor – individuals who work directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities;
- The Activist – motivated to change the world via questionable means;
- The Getaway – the youthful teenager who can escape a custodial sentence due to their age.
The majority of attacks are still motivated by short term financial gain, such as the theft of card payment details. However, cyber criminals can also seek out an organisation’s intellectual property. Once cyber criminals steal business data, they are able to sell it on underground forums where Australian data is highly valued.
Sergei Shevchenko, senior security researcher, BAE Systems Applied Intelligence commented: “We anticipate that organised cyber criminals will go to greater lengths to improve their own operational security and increase their use of deception; that is, the placing of false flags to throw off researchers and hamper attribution.”
“Researchers will need to tread more carefully to effectively guide the enforcement activities by the relevant authorities.”
According to Dr Rajiv Shah, Australian businesses can prepare for the forthcoming Cyber Security Review by making sure they understand the risks to their organisation; by making sure they elevate cyber risk to be considered at a board level; and, by making sure their approach to cyber defence takes into consideration the full range of motivations of a potential attacker.
Professor Jill Slay, Director for the Australian Centre for Cyber Security at the University of New South Wales, said that cloud technology was an enabling factor in the industrialisation of cyber crime.
“Cyber crime is increasingly industrialised with many professionals operating complex networks within the cloud. Attack-as-a-Service is