Hacktivist attacks can be perpetrated by insiders, but can also originate from outside activist groups looking for social justice. Hacktivists of all types are motivated by political, environmental and social issues. It takes only one employee with strong feelings that a wrong has occurred and using that belief to justify action to cause problems.
2. Criminal Organizations
Organized criminal groups frequently use the Internet to commit fraudulent actions in the banking and financial system and e-commerce. These organizations have an underground marketplace where cybercriminals can buy and sell stolen information and identities. The challenge security teams face is that these attackers will go after any data they can monetize. Corporate IP such as movies, videos, music and computer games can be sold to competitors in foreign countries is becoming a favorite target.
3. Careless and Compromised Employees
Careless employees violate corporate policies by moving sensitive data to unprotected locations (e.g., computers or public cloud storage). They may unwittingly expose this data to bad actors internal to a company or external partners and contractors. Compromised employees are those that are stealing data from an external source, and is a very common form of data loss. The attacks are often long-term, moving small amounts of data over a long time.
4. Leaving Employees
“Leaving” employees who take sensitive data with them is a major problem. Studies consistently find that almost 60 percent of former employees have taken sensitive company data when they depart an organization regardless of the reason why they left. One Symantec study found that 56 percent of workers believe it is okay to take data with them and use it as a competitor. This includes not only customer contact lists but also the IP and trade secrets related to the programs these employees were involved with.
5. State-Sponsored Cyber Espionage
China’s People’s Liberation Army (PLA) has developed a combat strategy called “Integrated Network Electronic Warfare”, which guides computer network operations and cyber warfare tools with the goal of seizing control of an opponent’s information flow and establishing information dominance.