Understanding the AttackersPosted: April 1, 2014
When defining attack vectors, it is useful to know who the attackers are. One should understand that attackers are people too, who differ in resources, motivation, ability and risk propensity. According to Bruce Schneier, author of Beyond Fear, the categories of attackers are:
The most common type of attacker. As the category indicates, they spot and seize an “opportunity” and are convinced that they will not get caught. It is easy to deter such attackers via cursory countermeasures.
They may accept a high level of risk and usually want to make a statement through their attack. The most common motivation for them is revenge against an organisation due to actual or perceived injustice. Although emotional attackers feel powerful when causing harm, they sometimes “hope to get caught” as a way of solving the issues they were unhappy with but were unable to change from the beginning.
Cold intellectual attackers
Skilled and resourceful professionals who attack for their own gain or are employed to do so. They target information, not the system, and often use insiders to get it. Unlike opportunists, cold intellectual attackers are not discouraged by cursory countermeasures.
They accept high risk to gain visibility and make a statement. They are not only hard to deter by cursory countermeasures, but can even see them as a thrill.
Friends and relations
They may introduce a problem to both individuals (in the form of financial fraud, for example) and companies (by abusing authorization credentials provided to legitimate employees). In this scenario, a victim and an attacker are sharing physical space, which makes it very easy to gain login and other sensitive information.