Cyber Primer
AEWhbF
AEWhbF
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Cyber</strong> threats<br />
2.5. <strong>Cyber</strong> attacks can appear in many guises, without necessarily inflicting<br />
visible or tangible material damage and are more easily deniable by the<br />
perpetrator. All of this significantly increases the likelihood that an adversary<br />
may seek to create effects through cyberspace. <strong>Cyber</strong> attacks currently have<br />
a lower political and public perception of aggression when compared with<br />
more traditional and visibly damaging attacks where lives or property are<br />
obviously and physically threatened. 20 This is largely based on the fact that<br />
there have been no publicised, large-scale events (including the loss of life)<br />
that have been positively attributed to a cyber attack. Should such an event<br />
happen, this would likely change the public’s perception to the potential<br />
‘aggressive’ nature of cyber attacks; it is the effect that is important not the<br />
means of delivery.<br />
Threat actors<br />
2.6. The term ‘threat actor’ is used to identify those who pose a threat.<br />
Threats to security in, and through, cyberspace include state-sponsored<br />
attacks, ideological and political extremism, serious organised crime,<br />
lower-level/individual crime, cyber protest, cyber espionage and cyber<br />
terrorism. Threat actors fall into six broad categories: nation states; terrorists;<br />
criminals; patriotic hackers; hacktivists; and insiders. 21 To some degree each<br />
category of threat actor is supported by the actions of hackers, who use<br />
their skills to adapt and exploit computer software and systems for purposes<br />
unintended by the original creators. 22 Each group’s membership can vary<br />
greatly in terms of sophistication, scale and motive and may pose differing<br />
types of threat. At all levels, the actor’s motivation is key, whether it is to:<br />
• support national goals (either on behalf of, or directly for, a<br />
governmental body);<br />
• generate income (either legitimately or through crime);<br />
• improve personal technical skills; or<br />
• support political ideals (hacktivisim).<br />
20 The majority of cyber ‘attacks’ are actually criminal acts.<br />
21 More information on these categories can be found from paragraph 2.8 onwards.<br />
22 Some hackers, such as the notorious hacker Kevin Mitnick, claim they are motivated by<br />
the challenge of hacking alone and do not seek financial gain or ideological advancement<br />
from their activities.<br />
<strong>Cyber</strong> <strong>Primer</strong> (2nd Edition) 23