What Motivates a Cyber Threat Actor?Ifigeneia Lella of ENISA Discusses the Habits of the 4 Types of Threat Actors
Ifigeneia Lella, cybersecurity officer at the European Union Agency for Cybersecurity, or ENISA, describes findings from the agency's Threat Landscape 2021 report, which assesses the motives, capabilities, targeting and evolution of four different types of threat actors: state-sponsored actors, cybercrime actors, hacker-for-hire actors and hacktivists.
Lella says that the attack methods of the four different threat actor types have not necessarily shifted, but their "motivation has slightly changed and differentiates the four categories."
For example, state-sponsored actors are now engaging in revenue-generating activities, akin to cybercrime actors. "So they would deploy malicious cryptocurrency applications, and they would target the exchanges of cryptocurrencies. Why were they doing it? Monetary gain," she says.
In a video interview with Information Security Media Group, Lella discusses:
- The changing motivations of threat actors;
- Whether increased efforts by governments to disrupt state-sponsored threat actors have had any impact on their activities;
- How security leaders can best defend against threats in 2022.
Lella joined ENISA in 2016 as a cybersecurity officer and has led the Threat Landscape initiative since 2021. Previously, she was a security engineer at the European Central Bank, where she was in charge of projects in identity management. She has also served as an information security officer within the SOC team of the Hellenic Telecommunication Organization.