CyberCube, the market leader in cyber risk analysis based in California conducted a report titled ‘Understanding criminal cyber threat actors and motivations’ which can be found HERE in PDF format, discovered that there are predominantly three main forms of actors at play, those sponsored by state/governments, independent criminal gangs and hacktivists, the latter of the three hacktivists (hacking activism) is based on breaking into a system for politically or socially motivated gains as opposed to the other two which span across the many different cybercriminal activities from hacking government systems to inserting ransomware on business computers.

The state sponsored hackers that have direct links to government entities were found to be the most sophisticated and the most well funded networks, and their primary focus is ransomware, evolving tactics, techniques and procedures at an alarming rate. In addition, more recently these government backed hackers have been teaming up with cyber criminal gangs sharing software to distribute via SaaS (software as a service) and Raas (ransomware as a service) networks.

Darren Thomson, CyberCube’s Head of Cyber Intelligence Services said:

“While cyber crime is the subject of considerable research, most of it is focused on specific types of attack. In our view, we need to know more about the threat actors behind these attacks. The more we understand their motivations and allegiances, the more we can predict their moves.”

“Our new report focuses on actors with whom the insurance industry should concern itself because they are most likely to inflict cyber attacks on Western democracies and businesses while creating systemic risk that leads to risk aggregation and large financial losses. A greater understanding of the key cyber actors will help the insurance sector predict how and where future attacks could arise and inform estimations of attack frequency and severity.”

One UK based insurance company Ocean Finance has already set to work on determining who some of these threat actors are and therefore how to deal with such attacks. The findings of the report which can be found HERE looked only at individuals who had reported crimes and the average loss to that person per crime and found 12 main areas from Scotland all the way down to the South West of England that had predominantly been affected, shockingly Ocean Finance found Wales to be the biggest hotspot last year, though just 1,267 people had fallen victim, well over £4.2M was stolen, or £3,314 per person. London on the other hand had the highest number of victims at 5,306 people but the average loss was far smaller at £621 per person, but what the study discovered paints an unusual picture and one that wasn’t picked up CyberCube, that being a shift in ordinary offline fraudulent activity by loan criminals towards online fraudulent activities instead, Helen Fox the senior content producer for Ocean Finance said: 

“We discovered that 28,943 cybercrimes were reported across the UK in 2021, averaging 79 incidents per day.

“Cybercrime accounted for 6.5 percent of all reported cases of fraud in 2021, up from 3.4 percent in 2020.

“Although fewer incidents of fraud were reported in 2021 compared to 2020, the increasing prevalence of cybercrime in those incidents suggests a growing shift towards fraudulent activity online.”

And have already seen this shift unfold during exam season, schools and colleges across the US and UK have received emails from scammers posing as a parent of a student in order to gain access to the schools system and therefore sensitive data. One phishing email reads: 

Hi, I am Jamie’s mum and I was told to contact you in regards to his examinations, I just want to make you aware that he’s had a bad fall down the stairs. I took him to hospital right away and the bone has fractured. They told him to rest but I don’t think he’s going to be able to make it to his exams. I’ve attached his medical report from the hospital and the full details regarding his situation below and would appreciate it if you could check over it. I was also just wondering what we can do about this to reduce the impact it has on his examinations.

The National Cyber Security Centre put out a statement that read: “We know scammers exploit topical issues to trick people into sharing sensitive details or clicking on malicious content.

“Any attempt to scam school staff is despicable and if individuals spot suspicious messages they should forward them to us at”.

The attached files were found to contain ransomware.

Last year in March the Harris Federation based in London who run 51 primary and secondary school academies were caught up in a similar attack where devices and communications were completely disabled by the attackers who demanded £6 million in ransom. The academy was able to repair their systems without falling foul to the cybercriminals demands at a tune of just over £500,000, so still extremely costly to resolve and not all schools or colleges are in the same financial position as the Harris Federation to resolve such attacks.

Though there were fewer cybercrime events in 2021 compared to 2020 the attacks have been far more sophisticated, criminals have learnt that the public are more aware than before and in order for the criminals’ activities to work they have to get creative, which they certainly have been. Though both CuberCube and Ocean Finance among many others are doing their bit to help improve and protect us from bad actors within cyberspace, as CyberCube’s Darren Thomson said: “We need to know more about the threat actors behind these attacks. The more we understand their motivations and allegiances, the more we can predict their moves.” Which suggests we are still a long way off from putting these attacks to rest.

If you are unsure how to spot a phishing scam then the NCSC has compiled an eight page how to which you can find on their website HERE.

Alternatively if you are concerned about yours and or your company’s protection then we are here to help, simply call us today on 01737 824 003, or email us at