Solutions Blog

Introducing your cyberthreat starting lineup

It’s March. The lion is slowly morphing into a lamb, with warmer temps and sun screen to follow. March Madness is days away. Almost seventy (70) college games will soon test your flat screen’s durability. But you don’t have to wait for any brackets to find out who’s starting in this particular tournament, which lasts far longer than a fortnight. It’s an ongoing battle of the boards that takes place each second of every single day. It’s the ongoing fight to secure networks and keep vital data out of the hands of the following players.

Please direct your attention to center court. It’s time to introduce the Cyberthreat starting lineup.

At point guard, a veteran at unknowingly risking the security posture of virtually every business, organization and government on the planet—users.

As you’ve probably heard countless times, user error is the largest threat actor in the cyberthreat starting lineup. Whether it’s IT departments lacking the needed security skill sets to fend off attackers, too many unnecessary privileges being granted, or somebody absentmindedly clicking on a link in an email, internal errors are killers.

But users don’t always act unknowingly. Consider the disgruntled current or ex-employee. If they don’t adhere to the “never burn your bridges” workplace philosophy, they may just want a pound of data flesh. And they’ve even been known to collaborate with organized crime—even governments—to gain information or a big cash payout.

In late 2018, a scientist at biotechnology firm Genentech sold trade secrets to a rival company, which allowed them to manufacture generic versions of Genentech pharmaceuticals.

At the off-guard, an angry-at-the-world, politically-driven menace—the hacktavist.

These ne’er-do-wells are politically motivated so, naturally, making the most noise possible is a core motivator. Whether it’s publicly making a statement about their cause du jour or attacking a business or organization they feel has wronged them or the public at large, hacktavists have a delusional belief that they’re lauded by many. Hactavists attacked extramarital dating site Ashley Madison and divulged that names of tens of millions of members.

At small forward, the well-funded and cyber sophisticated—government-sponsored cyberthreat.

Government-led cyberthreats can count as their motivation a broad list of reasons, from economic, military, political…you name it. A year ago, the U.S. and the U.K. issued a joint statement blaming Russia for a series of cyberattacks. The Department of Justice a few weeks ago “shot down” a North Korean launched botnet. A Norwegian software company revealed that hackers form China’s ministry of State Security attempted to steal clients’ trade secrets. It was discovered that Iran had for years launched global DNS hijacking attacks against the Middle East, Europe, and North America. The Mexican government used spyware to target colleagues of a slain journalist investigating drug cartels. Six (6) months ago, different governments from at least forty-five (45) countries deployed spyware against targets in the U.S., France, Canada, and the UK.

That is a miniscule number of examples of government-sponsored cyber attacks. The list is exhausting. Cyber Warfare is the new battleground.

At power forward, and borrowing from a menacing label that dates back decades—organized crime.

Organized crime, whether you’re talking cyber threats or Capone-era Chicago, ultimately exists for a single purpose—illegal profits. The former types are the ones trying to get your logins and passwords, social security numbers, credit card information and health records. They’re the launchers of ransomware, bots and trojans. They’ve lately turned more and more to credential stuffing. And when a better mousetrap is built to stop them, they build a better, smarter mouse.

At center, a starter, but a less publicized or feared cybercriminal—the script kiddie.

These are the amateurs, usually working alone with a bag of chips and a Mountain Dew at their side, who use existing code they’ve found on the dark web to launch their attacks. They don’t develop their own tools; they’re wannabes and generally don’t do extensive damage, but want to prank websites for grins. However, there have been a few noteworthy attacks, like a DDoS event that crippled Yahoo a few years back.

A cybercrime-fighting team that’s been winning for years

To find out how to shore up your organization’s security posture, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of organizations of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, cyberattacks and how to combat the cyberthreat starting lineup, read more about it here:

Death and Taxes—and you can add this to the mix

If you doubled down on Russia, your bet’s safe

What happens in an ATM, doesn’t always stay in an ATM

Google launches itself into cybersecurity space

Getting Stuffed at Dunkin’ Donuts?

Security Myths Debunked

State of the Union address focuses on technology–briefly

The technology arms race was just amped up

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

]]>

Categories:
Share on linkedin
Share on twitter
Share on reddit
Share on facebook
Share on email

Learn more about Introducing your cyberthreat starting lineup by filling out the form below:

Building the Future of Manufacturing

Manufacturers have had to a deal with a host of new problems and opportunities related to COVID-19, from new safety concerns to increased demand for services and everything in between. Looking forward to the rest of 2021 and beyond, here are three technological focus areas that will drive the manufacturing industry forward.

Read More »

The Picture of Health: Data Management

Though the need for healthcare providers to manage valuable data has increased dramatically, most have not had the time or capacity to fully assess how to support the long-term costs and security concerns related to these services, and many are currently struggling with performance issues that hinder user productivity.

Read More »
WordPress Image Lightbox