Threat actors can be responsible for seriously impacting another organization’s security. Experienced threat actors with the right resources can hack an organization either externally, internally, or as a partner. Theoretically, a threat actor can really come in any kind of form, but in this case, the biggest actors usually act has whole governments or nation-states.
It’s very important for people to read the news once in a while and be aware who the biggest threat actors are. Whether you’re just an individual who surfs the web on occasion or you’re a huge company that does business globally, you can still be at an equal risk. These groups only need to possess the ability to potentially cause impact in order for them to be considered a major threat actor.
So, who are the biggest threat actors in the cyber security game that you need to look out for? Read on.
China is neither an ally or an enemy of the U.S. But, when it comes to cyber security, the United States can’t be too careful. That’s because according to comments made by FBI director James Comey, prior to 2015, the Chinese had been the most industrious nation responsible for cyber attacks. One of the biggest threat actors, China has been reported to conduct complex intrusion campaigns to obtain sensitive information that would have supported their state-owned enterprises.
This type of data theft is one of the driving factors that led to the U.S./China agreement over the theft of intellectual property. It’s believed to this day that China was involved in two major breaches, the Anthem Breach, and the OPM Breach. In addition to that, the FBI released a study of 165 companies that experienced data breaches, and 95% of those breaches had come from China. Though it’s believed that the prevalence of attacks from China have somewhat decreased, U.S. companies still need to be aware of how this threat actor could affect them.
Coming in second place is the sanctuary for asylum-seeker Edward Snowden, Russia. It seems as though the Kremlin is always making headlines for cyber security hacks, most recently for their involvement with the DNC and the White House. But, even before then, it’s no question that Russia has consistently played a huge role as one of the biggest threat actors in the world.
And, when it comes to Russia’s involvement, they’ve proved that there is really nothing too big or too outlandish for them to hack. As if the U.S. government isn’t enough, they’re also known to have hacked the medical records of U.S. athletes- Olympic athletes- who had participated in last year’s games in Rio.
Number three may be a tie between several countries or groups, but because of its uniqueness, ISIS is at number three on this list. ISIS is named a huge threat actor because of its attacks in 2015 and 2016 on the European Union. They also made news for their attack in 2016 that targeted close to 3,000 New Yorkers. Though these New Yorkers possessed nothing in particular that would have made them targets, it’s yet another reminder that you don’t need to be a large company or organization to have your private information hacked.
Of course, no one can forget the hack North Korea pulled last year on SONY, which caused the movie to be pulled out from theaters entirely. That was a sophisticated hack the likes of we’ve never seen before. We’ve also seen hacks from Iran and Syria. And, there’s no telling who we may be able to add to this list in the future.
You might be thinking, “How would these nation-state threat actors even get to me?” Well, the thing with these hacks is that they usually occur on such a large scale and are often very complex. It can be months before a company even knows they’ve been hacked. Most of the time, they won’t even notice the breach themselves. It’s not until the government or a third-party, like a cyber security blogger, reveals the hack occurred, that the company would be able to do anything about it.
An attack from one of these major nation-state threat actors could happen to you. Does your company have the tools to detect one of these attacks if it occurs? The more time goes by without you knowing about the breach, the more damage can be done.
Here at Smeester & Associates, we can answer your questions about threat actors and let you know if you’re at risk. Make sure you take our RiskAware™ Cyber Security Scan & Report to see where your cyber security efforts currently stand.