{"id":134006,"date":"2020-12-15T16:00:38","date_gmt":"2020-12-15T13:00:38","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/"},"modified":"2020-12-15T16:00:38","modified_gmt":"2020-12-15T13:00:38","slug":"from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/","title":{"rendered":"#From Lone Wolf to Organised Crime \u2013 Where Cyber Threats Come From \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a40293417109\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a40293417109\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#Different_Tiers_of_Cybercriminal\" >Different Tiers of Cybercriminal<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#The_Different_Tiers_Defined\" >The Different Tiers Defined<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#The_Top_Tier\" >The Top Tier<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#The_Middle_Tier\" >The Middle Tier<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#The_Bottom_Tier\" >The Bottom Tier<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#And_Yet_More_Threat_Actors\" >And Yet More Threat Actors<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#Organized_Crime\" >Organized Crime<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#Hacktivists\" >Hacktivists<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#The_Lone_Wolf\" >The Lone Wolf<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/buradabiliyorum.com\/en\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from-cloudsavvy-it\/#Your_Defenses\" >Your Defenses<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#From Lone Wolf to Organised Crime \u2013 Where Cyber Threats Come From \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<figure id=\"attachment_8597\" style=\"width: 700px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8597 size-full\" src=\"https:\/\/www.cloudsavvyit.com\/thumbcache\/0\/0\/825fa5a0f4b30829d86ac876b67b2990\/p\/uploads\/2020\/12\/0a6eb7bd.png\" alt=\"\" width=\"700\" height=\"350\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-photo\/mulhouse-france-17-january-2019-vendetta-1286977651\" data-credittext=\"Shutterstock\/NeydtStock\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/mulhouse-france-17-january-2019-vendetta-1286977651\">Shutterstock\/NeydtStock<\/a><\/span><\/figcaption><\/figure>\n<p>There\u2019s more than one type of threat actor, and they\u2019re all differently skilled. Which do you need to worry about and which pose little or no threat? We explain it to you.<\/p>\n<h2 id=\"different-tiers-of-cybercriminal\"><span class=\"ez-toc-section\" id=\"Different_Tiers_of_Cybercriminal\"><\/span>Different Tiers of Cybercriminal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In the physical world, there are different tiers of criminals. Clearly, those who plan and execute diamond heists are not the same ones who snatch a handbag and run down the street. It\u2019s the same with cybercriminals. There are many different types of threat actor, from the ever-popular Hollywood trope of the kid in his bedroom to the state-sponsored, advanced persistent threat groups used for offensive and defensive international cybercrime and cyberwarfare.<\/p>\n<p>In August 2018 a team of threat actors infiltrated the webserver that hosted the British Airways flight booking website. Having gained access to the server they paused and reconnoitered. They determined which software modules performed which functions, and how the various modules communicated and authenticated to one another. When they had identified the module they wished to target, they wrote a replacement for that module and sw<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ed in their compromised one.<\/p>\n<p>Because the website continued to work as expected no suspicions were aroused. Bookings were still processed correctly, tickets were issued, and passengers boarded flights without holdups or issues. Meanwhile, the substitute module was retaining a copy of the personal data that passed through it.<\/p>\n<p>All the names, addresses, email addresses, passport numbers, and credit card details were squirreled away, waiting to be retrieved by the criminals. The fraudulent module was active from the end of August to early September 2018. During that period, it harvested 380,000 sets of personal data.<\/p>\n<p>This type of targeted attack requires many different skills. The target has to be selected, the website must be compromised, the website must be analyzed and understood, and the compromised module must be developed and inserted into the chain of execution in the website. More often than not, this takes a team of individuals.<\/p>\n<p>Each team member has a specialism or particular area of expertise that can be brought to bear during the attack. The operation has to be pay-rolled. The cybercriminals must also be well-versed in the associated physical-world criminal activities that are needed to get a pay-off from the attack. They need to be able to make money from the venture and to cover their tracks, for example. Even with payment in a cryptocurrency, they may need to money-launder their proceeds. Maladjusted and misdirected perhaps, but these are intelligent, skilled operators.<\/p>\n<p>This begs the obvious question. Would such top-tier highly-skilled cybercriminals attack the average\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/SME\">small to medium enterprise<\/a>\u00a0(SME)? No, of course not. But that doesn\u2019t mean the average SME has nothing to worry about.<\/p>\n<p>With a sophisticated service industry flourishing on the Dark Web to provide the tools, support, and even to execute actual cyberattacks on behalf of the poorly-skilled wannabe cybercriminal, practically anyone can execute a cybercrime. Having a broad and deep knowledge of IT, cyber security, and programming is no longer a requirement to get into the <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/game\/\" data-internallinksmanager029f6b8e52c=\"7\" title=\"Game\" target=\"_blank\" rel=\"noopener\">game<\/a>.<\/p>\n<p>All you need is criminal intent and Internet access.<\/p>\n<h2 id=\"the-different-tiers-defined\"><span class=\"ez-toc-section\" id=\"The_Different_Tiers_Defined\"><\/span>The Different Tiers Defined<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3 id=\"the-top-tier\"><span class=\"ez-toc-section\" id=\"The_Top_Tier\"><\/span>The Top Tier<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Threat actors in the top tier have advanced and sophisticated skills and deep knowledge of the subject matter. They devote themselves to attacking high-value and, often, high-profile targets. The attacks that took place against\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.channelnewsasia.com\/news\/asia\/cathay-pacific-passenger-data-breach-security-10861036\">Cathay Pacific<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bbc.co.uk\/news\/technology-54568784\">British Airways<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bbc.co.uk\/news\/technology-49070596\">Equifax<\/a>, and\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.bbc.co.uk\/news\/world-us-canada-38324527\">Yahoo!<\/a>\u00a0are examples of attacks by top tier cybercriminals.<\/p>\n<h3 id=\"the-middle-tier\"><span class=\"ez-toc-section\" id=\"The_Middle_Tier\"><\/span>The Middle Tier<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The threat actors in the middle tier have a moderate amount of IT and cybercrime skills. Typically, these threat actors do not target companies and perpetrate carefully executed attacks. Their targets are anyone they can infect.<\/p>\n<p>If the threat actors in the top tier are like snipers, those in the middle tier are blindfolded machine gunners. They blast away and then see who they\u2019ve hit. They will extort money from anyone and everyone, large or small.<\/p>\n<p>They have enough skills to be able to use downloaded source code and malware kits purchased from the Dark Web to create new strains or variants of existing threats. They may use one of the many Cybercrime-as-a-Service providers on the Dark Web, although that tends to be the domain of the bottom tier threat actor.<\/p>\n<h3 id=\"the-bottom-tier\"><span class=\"ez-toc-section\" id=\"The_Bottom_Tier\"><\/span>The Bottom Tier<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The lowest level is the bottom tier. They are known derogatively as <em>script kiddies<\/em> by the hackers who possess actual skills. These wannabe cybercriminals are able to follow basic instructions, but they are restricted to using ready-made\u2014and readily available\u2014tools to commit their attacks. They don\u2019t have the skills and knowledge to create new threats for themselves.<\/p>\n<p>They often make use of the Cybercrime-as-a-Service providers on the Dark Web. Like the middle tier, they don\u2019t care who they infect or extort from. They are completely agnostic in their malware attacks\u2014for the most part.<\/p>\n<p>One of the common attacks used by the bottom tier threat actor is a\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Denial-of-service_attack\">distributed denial of service<\/a>\u00a0(DDoS) attack. This category of attack is popular with the bottom tier because they are easy attacks to conduct and the software required to carry out a DDoS attack can be found at no cost on the regular internet. A DDoS attack does need to be aimed at a specific victim.<\/p>\n<p>If the top tier is like snipers and the middle tier is like machine gunners, the bottom tier is like a gang of kids who have found a pistol. They\u2019re huddled around it looking down the barrel to see if it is loaded. But a bullet hurts whether the trigger is pulled by a marksman or an idiot.<\/p>\n<h2 id=\"and-yet-more-threat-actors\"><span class=\"ez-toc-section\" id=\"And_Yet_More_Threat_Actors\"><\/span>And Yet More Threat Actors<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Of course, the three-tier model is a simplification. If it has served to demonstrate there are different levels of expertise across the three primary tiers of cybercriminals and that only the very top tier targets specific companies for financial rewards, it has fulfilled its purpose. But, as you may expect, the threat landscape is more complicated and many-layered.<\/p>\n<h3 id=\"organised-crime\"><span class=\"ez-toc-section\" id=\"Organized_Crime\"><\/span>Organized Crime<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Organized Crime uses the internet and the Dark Web for a variety of illegal purposes, and is reshaping its activities to benefit from the anonymity of the Dark Web and cryptocurrencies. For example, drugs need to be grown as a crop then processed. That product must be transported and smuggled. It is then sold and distributed through a multi-level pyramid of lesser criminals with each lower level showing progressively less loyalty to the organization. Every one of those levels introduces risk and cost.<\/p>\n<p>Selling their drugs on Dark Web markets removes the multi-layered distribution model and allows the criminals to hide behind cryptocurrencies. It reduces costs and risks for the criminals. It was a short step from there to realizing that cybercrime is an attractive model too.<\/p>\n<p>Organized crime\u2019s cybercrimes span both the top tier and the middle tier. They have the financial clout to hire top tier cybercriminal talent to develop malware for them, especially ransomware. These are the headline-stealing variants of ransomware that spread globally with devastating effect.<\/p>\n<p>They are the ransomware threats that introduce new attack methods, new distribution or infection methods, or that leverage newly discovered\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)\">zero-day exploits<\/a>. Like middle-tier operators, they are aiming to hit as many victims as possible.<\/p>\n<h3 id=\"hacktivists\"><span class=\"ez-toc-section\" id=\"Hacktivists\"><\/span>Hacktivists<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The term hacktivist was first coined by a member of the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/cultdeadcow.com\/\">Cult of the Dead Cow<\/a>\u00a0back in the mid-90\u2019s. They were a hacking group that used to meet in an abandoned slaughterhouse in Lubbock, Texas. Hacktivist is a portmanteau word joining hacking and activist. But make no mistake, hacktivists are still cybercriminals.<\/p>\n<p>Hacktivists see themselves as <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">social<\/a> justice warriors carrying out attacks against targets that, as far as they are concerned, are deserving of service disruption or public shaming. Their activities are the digital equivalent of physical activism such as lobbying, workplace disruption, picket lines, and student sit-ins\u2014and sometimes vandalism.<\/p>\n<p>Undoubtedly, the most widely known hacktivist group is\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/anonofficial.com\/\">Anonymous<\/a>. It grew out of the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.4chan.org\/\">4chan<\/a>\u00a0image-posting website. Anonymous has attacked such organizations as\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Al-Qaeda\">Al-Qaeda<\/a>,\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Islamic_State_of_Iraq_and_the_Levant\">ISIS<\/a>, the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Ku_Klux_Klan\">Ku Klux Klan<\/a>, the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Scientology\">Church of Scientology<\/a>, the anti-Islamic group \u2018<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Reclaim_Australia\">Reclaim Australia<\/a>\u2018, and the\u00a0<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.godhatesfags.com\/\">Westboro Baptist Church<\/a>.<\/p>\n<p>Typically, Anonymous have used distributed denial of Service (DDoS) attacks to render victims\u2019 websites inoperable, they have defaced web pages with their own political messages, and they have leaked private information online. Occasionally they will go further and utterly annihilate web sites they see as deserving of destruction, such as sites hosting child pornography.<\/p>\n<p>Are hacktivists likely to target the average SME? No, almost certainly not. On the face of it, there\u2019s no justification for a hacktivist group to attack a regular business\u2014unless they make a mistake and misidentify you and your activities.<\/p>\n<h2 id=\"the-lone-wolf\"><span class=\"ez-toc-section\" id=\"The_Lone_Wolf\"><\/span>The Lone Wolf<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<figure id=\"attachment_8598\" style=\"width: 700px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8598 size-full\" src=\"https:\/\/www.cloudsavvyit.com\/thumbcache\/0\/0\/68478ac37c25b34cafc3ff064d57c752\/p\/uploads\/2020\/12\/102871d9.png\" alt=\"\" width=\"700\" height=\"317\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-photo\/dangerous-hooded-hacker-breaks-into-government-680075014\" data-credittext=\"Shutterstock\/Gorodenkoff\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/dangerous-hooded-hacker-breaks-into-government-680075014\">Shutterstock\/Gorodenkoff<\/a><\/span><\/figcaption><\/figure>\n<p>Like hacktivists, the lone wolf hacker is usually motivated by something other than money. For example, Gary McKinnon\u2014who has been called the most dangerous hacker of all time, by none other than Anonymous\u2014became obsessed with the idea that <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Gary_McKinnon\">NASA was suppressing evidence of aliens and alien technology<\/a>, such as unlimited clean power. The rumour was started by a NASA contractor who claimed to have seen NASA mission photographs being digitally altered to remove images of UFOs.<\/p>\n<p>Between February 2001 and March 2002, McKinnon remotely broke into 97 NASA and US military networks looking for evidence of these claims. He also infiltrated systems belonging to the Pentagon and the US Navy. He was caught, and the US requested extradition. This was eventually blocked by the UK government on the grounds that McKinnon was mentally unwell.<\/p>\n<p>McKinnon freely admits to conducting the cybercrime and remains convinced that NASA is withholding evidence of extra-terrestrial life and <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a>. It\u2019s worth noting that his hacks almost entirely succeeded because of poor cyber-hygiene on the part of the victim, including weak and predictable passwords.<\/p>\n<p>Many lone wolf attacks follow this template. A socially-challenged or otherwise troubled individual, driven by illogical notions and beliefs, uses moderate technical skills to penetrate computer systems.<\/p>\n<p>They may have some technical skills but they are naive in the criminal field-craft required to carry out a crime and get away with it. In the vast majority of cases, they are caught very easily. The threat posed to the average business by such persons is limited to non-existent.<\/p>\n<p>The <em>Oxford English Dictionary<\/em>\u00a0defines cyberwarfare as:<\/p>\n<p><em>The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes.<\/em><\/p>\n<p>The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Equation_Group\">United States<\/a>, the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/GCHQ\">United Kingdom<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Charming_Kitten\">Iran<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Unit_8200\">Israel<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fancy_Bear\">Russia<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/PLA_Unit_61398\">China<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Lazarus_Group\">North Korea<\/a>, and <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/OceanLotus\">Vietnam<\/a> all have extremely cyber-capable offensive and defensive intelligence wings.<\/p>\n<p>An Advanced Persistent Threat (APT) is a computer network attack in which unauthorized access is achieved and remains undetected for a prolonged period. The term APT has also come to represent the groups behind such attacks, especially if several different advanced persistent threat attacks have been attributed to that group.<\/p>\n<p>These advanced persistent threats are cyberthreats of such protracted and technically challenging development, requiring large teams possessing world-class technical expertise, that they are attributed to nation-states or, possibly, the largest of corporations. It is possible that some of these corporations have been pressured by their intelligence services into creating these threats or to create products that carry in-built backdoors or other vulnerabilities.<\/p>\n<p>The types of cyberthreat posed by the state-sponsored groups are those that attack critical components of the infrastructure of countries. Power stations, communications, hospitals, financial institutions, chemical plants, electronics companies, manufacturing, aerospace, automotive, and healthcare have all been targeted.<\/p>\n<p>It is unlikely that the average SME will be targeted by an APT directly. But you can still get caught in the fallout. The <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/Petya_(malware)#2017_cyberattack\">NotPetya ransomware<\/a> that attacked companies around the world in 2017 is thought to have been a disguised and widespread attack against Ukraine by Russia.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Your_Defenses\"><\/span>Your Defenses<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>There might be multiple types of threat actor out there, but they are all variations on a theme. You don\u2019t need to plan to thwart each type individually. Make sure you pay attention to all of the basic steps in securing your network and pay attention to the three pillars of cyber security.\n<\/p><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/8549\/from-lone-wolf-to-organised-crime-where-cyber-threats-come-from\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#From Lone Wolf to Organised Crime \u2013 Where Cyber Threats Come From \u2013 CloudSavvy IT&#8221; Shutterstock\/NeydtStock There\u2019s more than one type of threat actor, and they\u2019re all differently skilled. Which do you need to worry about and which pose little or no threat? We explain it to you. Different Tiers of Cybercriminal In the physical&#8230;<\/p>\n","protected":false},"author":1,"featured_media":134007,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2020\/12\/0a6eb7bd.png","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-134006","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/134006","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=134006"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/134006\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/134007"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=134006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=134006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=134006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}