Fortune, in its Europe edition, dated 11 March 2013, identifies six different hacker types, and offers a summary of their differing motives, objectives and signature attacks. The six types that it lists are:
- State sponsored hackers – from China, Russia, Iran, Israel, the USA – whose objectives are espionage, theft of state and commercial information, cyber sabotage and cyber warfare;
- Cyber-criminals – based all round the world – whose objectives are simply illegal commercial gain, by stealing payment card details, customer data and online fraud;
- Insiders – your staff, and ex-staff – who may want to get even, prove a point, settle a score or ingratiate themselves with a future employer:
- Script kiddies – increasingly sophisticated hackers, who like the intellectual challenge and simply want to demonstrate their hacking prowess to others like themselves;
- Hacktivists – whose objectives range from religious fanaticism through to Internet freedom or anarchism; and
- Vulnerability brokers, whose business model is to find vulnerabilities in commercial software (eg Google) and sell details of those vulnerabilities to the highest bidder (usually state-sponsored or a high-level cyber-criminal) for them to exploit.
To those six groups I would add state intelligence organisations, which usually all have a commercial arm that operates on behalf of commercial enterprises to help them advance their commercial objectives ‘by other means’.
