The Five Types Of Cyber Criminals

The Five Types Of Cyber Criminals

James Crossland

Digital Marketing Manager|Kerv digital

Published 06/07/22 under:

Have a question?

Get in touch

Who Are they, Why The Differences Matter & How Your Organisation Can Protect Itself


What are the different types of Cyber Actors and how can you protect against them?


Although the term Cyber Criminal gets thrown around a lot most people don’t realise that a Cyber Criminal is only one heading in a much larger category of individuals and groups known as Cyber Actors.

What’s A Cyber Actor?

Cyber Actors can be both individuals or part of a much larger group; normally characterised by the desire to damage a person or organisations computers, devices, systems or networks (in short, not very nice people)!

The broader term of Cyber Actor can be used to stand for them all or often gets broken down into its five, distinct groups; with the different categories being defined by their motivations rather than tactics or tools they use.

Fortunately, that means strong Cyber Security protocols usually work the same against them all.

What Are Cyber Criminals?

The first, and most and common term used is Cyber Criminal.

No doubt you’ll have come across this before, may even have fallen victim to one of their scams in fact.

They tend to be motivated by profit and greed and all Cyber Security experts agree, they pose a very real and present danger to users everywhere.

Common tactics employed by Cyber Criminals involve the selling of illegally obtained data, disrupting systems and holding them for ransom (known as Denial of Service or D.O.S attacks) and other nefarious scams involved with phishing for data such as social engineering, business email compromise (BEC), botnets, brute force password attacks, exploit kits, malware, ransomware and unfortunately a lot, lot more.

What’s A Malicious Insider?

A malicious insider is at once the easiest and hardest of the categories to protect your organisation against.

They tend to be disgruntled (or just malicious) ex-employees, contractors, agencies or anyone else who may have had access to your systems, networks or data.

A Malicious Insider is best defined as someone who intentionally misuses or exceeds the access you’ve granted them, either for personal profit or in an attempt to hurt your organisation.

It should be pointed out that there is a clear difference between a ‘Malicious Insider’, acting in the full knowledge of what they’re doing, and an ‘Unwitting Insider’ accidently clicking on a link in a dodgy email.


Steps to combat against Malicious Insiders usually involve governance that instantly revokes the credentials of anyone after their business with your organisation is done as well as the changing of any joint passwords they may have had access to (although preferably your organisation wouldn’t have any joint passwords in the first place).

What Are Nation State Actors?

The vast majority of people need not worry about Nation State Actors as you’re unlikely to ever come to their attention, although in recent years you may have read in the news about Nation State Actors on social media trying to influence foreign elections and the like.

However, depending on the size of your organisation or it’s prominence within a geographic/political territory, you may wish to make specific Cyber Security plans against Nation State Actors as they can be very well funded, with a lot of resources at their disposal.

A Nation State Actor can be most easily recognised by their targeting of public and private sector networks in an attempt to compromise, steal, change or otherwise destroy data (espionage in other words) and being motivated by, political, economic or military ideologies.

They can be both a direct department of a nation state or just receive covert funding, direction or technical advice from one.


Some Cyber Security experts still use the term Nation State Actor interchangeably with Advanced Persistent Threats (APT’s) but APT tends to refer to a specific type of activity which can be conducted by a variety of different Cyber Actors as it’s normally defined as someone who’s gained long-term access to your system or network.

What’s A Hacktivist?

Hacktivists are individuals or groups that tend to have a lot of self-taught cyber skills behind them and can be best defined as ideologically motivated Cyber Criminals.

Rather than doing what they do out of a desire for personal gain though; they do it from a standpoint of political, social or ideological motivation; targeting both individuals or organisations whom they feel deserve their wrath.

Common methods used by Hacktivists will include Denial of Service attacks, doxing (the practice of researching and then publicly broadcasting private or identifying information about an individual or organization) and website defacements.

If your organisation works in a sector that inspires a lot of extreme feelings, on either side of the fence, then it’s well worth considering Hacktivist attacks in your Cyber Security strategies.

What Are Cyber Terrorists?

The final category of Cyber Actors are Cyber Terrorists.

Sometimes confused with Hacktivists, in reality a Cyber Terrorist is just another word for a terrorist. Whilst cyber attacks by terrorist organisations are become more common, their primary motivation online currently remains the dissemination of their ideologies and goals as well as the recruitment of new members.


The talent, knowledge, abilities and resources of the various different types of Cyber Actors can vary wildly, as can their motivations for targeting your organisation.

As part of your Cyber Security strategy you need to consider what you do, why you do it and what kind of Cyber Actor that may encourage to try and attack your organisation.

From there you can take steps in protecting your systems, networks and sensitive data.

If your primary goal is profit led, it stands to reason you’re more likely to attract the attention of a Cyber Criminal.

If you’re a Non-Profit organisation it may be you attract more hacktivist attacks.


All these things need to be considered when putting (or updating) your Cyber Security Protocols in place.

Related Articles

You might also be interested in

From our world to yours

Going Beyond The Theory: Kerv Digital & The DVSA

From our world to yours

Life @ Kerv Digital As A Performance Analyst

From our world to yours

Four ways to defend against Cyber Criminals attempt to infiltrate Contact Centres

From our world to yours

Microsoft Cloud For Nonprofit: Fundraising & Engagement

From our world to yours

Kerv Group brings rich, actionable insights to bear on improving performance management...

From our world to yours

4 ways to integrate your Contact Centre and CRM to deliver brilliant...

From our world to yours

Kerv Digital 2022 Wrap-Up

From our world to yours

Life @ Kerv Digital As A Recruitment & People Analytics Manager

From our world to yours

CX Translate Opens the Door to International Understanding in Cross-Border Contact Centres

From our world to yours

Cloud Confessions: Q&A with CTO on Communications Compliance

From our world to yours

Helping With Hackathon Fundamentals

From our world to yours

Kerv Digital & Microsoft Solutions Partner Designations

From our world to yours

Life at Kerv as a Billing & Operations Co-Ordinator

From our world to yours

Deciphering Digital Transformation

From our world to yours

4 Things to Bear in Mind About Microsoft Teams Policy Based Recording

From our world to yours

Understanding EX: Achieving the utmost from workforce engagement management (WEM)

From our world to yours

Working Wellness: More Kerv Digital Benefits

From our world to yours

Cloud is not a destination

From our world to yours

How SD-WAN enables service provider flexibility, enhancing connectivity and reducing cost

From our world to yours

Taking the guesswork out of managing your future bandwidth demand

From our world to yours

Application Performance: User Experience

From our world to yours

Rapid Site Deployment and its Impact on Retail Profitability Across Store Locations

From our world to yours

Why your network infrastructure is key in mergers and acquisitions

From our world to yours

Data Platform Pragmatism

From our world to yours

Will SD-WAN really save money and why you must take a proper...

Have a question?

Leave your details and a member of the team will be in touch to help.
By pressing send, you agree to our Terms and Conditions and Privacy Policy.
This field is for validation purposes and should be left unchanged.