Cybercriminals are individuals or teams of people who use technology to commit malicious activities on digital systems or networks with the intention of stealing sensitive company information or personal data, and generating profit.
Cybercriminals are known to access the cybercriminal underground markets found in the deep web to trade malicious goods and services, such as hacking tools and stolen data. Cybercriminal underground markets are known to specialize in certain products or services.
Laws related to cybercrime continue to evolve across various countries worldwide. Law enforcement agencies are also continually challenged when it comes to finding, arresting, charging, and proving cybercrimes.
Cybercriminals, Hackers, and Threat Actors
Hacking does not necessarily count as a cybercrime; as such, not all hackers are cybercriminals. Cybercriminals hack and infiltrate computer systems with malicious intent, while hackers only seek to find new and innovative ways to use a system, be it for good or bad.
Cybercriminals also differ greatly from threat actors in various ways, the first of which is intent. Threat actors are individuals who conduct targeted attacks, which actively pursue and compromise a target entity’s infrastructure. Cybercriminals are unlikely to focus on a single entity, but conduct operations on broad masses of victims defined only by similar platform types, online behavior, or programs used. Secondly, they differ in the way that they conduct their operations. Threat actors follow a six-step process, which includes researching targets and moving laterally inside a network. Cybercriminals, on the other hand, are unlikely to follow defined steps to get what they want from their victims.
Note, however, that cybercriminals have also been known to adopt targeted attack methodologies in their operations.