The IT Law Wiki


The Federal Bureau of Investigation has identified three categories of cyber threat actors:

[1] organized crime groups that are primarily threatening the financial services sector, and they are expanding the scope of their attacks; [2] state sponsors — foreign governments that are interested in pilfering data, including intellectual property and research and development data from major manufacturers, government agencies, and defense contractors; and [3] increasingly there are terrorist groups who want to impact this country the same way they did on 9/11 by flying planes into buildings. They are seeking to use the network to challenge the United States by looking at critical infrastructure to disrupt or harm the viability of our way of life.[1]


"Of these three categories outlined by the FBI, the first — organized crime groups — focuses on cybercrime. However, this category appears limited to those crimes that target the financial services sector. While the second category includes the theft of intellectual property and other activities that may be considered cybercrimes, this category is more roughly aligned with state-sponsored espionage. As such, the FBI's conceptualization of cybercrime surrounds the activities — primarily financial — of organized crime groups. This may exclude lone actors including hackers, stalkers, and online child predators. The FBI considers these malicious activities under the umbrella of cybercrime. . . ."[2]

"While there is a clear distinction that organized crime groups are motivated by profit and terrorists are motivated by ideologies, the motivation of state sponsored cyber threat actors may be more difficult to categorize and determine. This may be in part because different state sponsored actors may have different motivations, as is implied by the FBI description of the range of state sponsored cyber threats. For instance, some actors targeting the intellectual property of manufacturers and corporations may aim to gain a competitive advantage for businesses based in a particular country. Others actors seeking data from government agencies and contractors may desire to utilize this information to undermine the integrity and security of a rival nation. This is the distinction between the theft of trade secrets and the theft of state secrets. Nonetheless, in some cases, state actors' actions look much like those of profit-driven criminals."[3]


  1. Federal Bureau of Investigation, The Cyber Threat: Part 1: On the Front Lines With Shawn Henry (Mar. 27, 2012) (full-text).
  2. Cybercrime: Conceptual Issues for Congress and U.S. Law Enforcement, at 7 (citation omitted).
  3. Id. at 7-8.