The way cyber criminals maintain relationships and display different motivations should be considered when underwriting and broking cyber risks, finds leading cyber risk analytics firm CyberCube in its new report.
The company's report, ‘Understanding criminal cyber threat actors and motivations’, suggests that there are three main types of ‘threat actors’: state-sponsored, criminal gangs and hacktivists – groups or individuals who use hacking to effect social or political change.
Darren Thomson, CyberCube’s Head of Cyber Intelligence Services and a co-author of the report, said: “While cyber crime is the subject of considerable research, most of it is focused on specific types of attack. In our view, we need to know more about the threat actors behind these attacks. The more we understand their motivations and allegiances, the more we can predict their moves.”
Understanding cyber actors in the insurance industry
In the report it finds that state-sponsored actors are among the most significant and concerning to the (re)insurance industry and potential victims of cyber crime as they are affiliated with government entities, tend to represent well-funded, well-organised and sophisticated actors with mature procedures and protection from an associated government.
The report states that organised criminal gangs are primarily focused on ransomware and are evolving their tactics, techniques, and procedures at a rapid rate. In addition, the more evolved criminal gangs have even turned their attention in recent years to providing sophisticated hacking tools to other, affiliate cyber criminal gangs via a software-as-a-service (SaaS) distribution method, which is known as ransomware-as-a-service (RaaS).
The report also addresses how influential hacktivists present a very real threat to business and to the cyber insurance market, as these organisations play a very dangerous game when putting state secrets and intelligence operations in harms way, and the potential repercussions of these activities are far reaching.
“Our new report focuses on actors with whom the insurance industry should concern itself because they are most likely to inflict cyber attacks on Western democracies and businesses while creating systemic risk that leads to risk aggregation and large financial losses. A greater understanding of the key cyber actors will help the insurance sector predict how and where future attacks could arise and inform estimations of attack frequency and severity,” added Thomson.