GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Introducing your cyberthreat starting lineup

Cyberthreat lineup

It’s March. The lion is slowly morphing into a lamb, with warmer temps and sun screen to follow. March Madness is days away. Almost seventy (70) college games will soon test your flat screen’s durability. But you don’t have to wait for any brackets to find out who’s starting in this particular tournament, which lasts far longer than a fortnight. It’s an ongoing battle of the boards that takes place each second of every single day. It’s the ongoing fight to secure networks and keep vital data out of the hands of the following players.

Please direct your attention to center court. It’s time to introduce the Cyberthreat starting lineup.

At point guard, a veteran at unknowingly risking the security posture of virtually every business, organization and government on the planet—users.

As you’ve probably heard countless times, user error is the largest threat actor in the cyberthreat starting lineup. Whether it’s IT departments lacking the needed security skill sets to fend off attackers, too many unnecessary privileges being granted, or somebody absentmindedly clicking on a link in an email, internal errors are killers.

But users don’t always act unknowingly. Consider the disgruntled current or ex-employee. If they don’t adhere to the “never burn your bridges” workplace philosophy, they may just want a pound of data flesh. And they’ve even been known to collaborate with organized crime—even governments—to gain information or a big cash payout.

In late 2018, a scientist at biotechnology firm Genentech sold trade secrets to a rival company, which allowed them to manufacture generic versions of Genentech pharmaceuticals.

At the off-guard, an angry-at-the-world, politically-driven menace—the hacktavist.

These ne’er-do-wells are politically motivated so, naturally, making the most noise possible is a core motivator. Whether it’s publicly making a statement about their cause du jour or attacking a business or organization they feel has wronged them or the public at large, hacktavists have a delusional belief that they’re lauded by many. Hactavists attacked extramarital dating site Ashley Madison and divulged that names of tens of millions of members.

At small forward, the well-funded and cyber sophisticated—government-sponsored cyberthreat.

Government-led cyberthreats can count as their motivation a broad list of reasons, from economic, military, political…you name it. A year ago, the U.S. and the U.K. issued a joint statement blaming Russia for a series of cyberattacks. The Department of Justice a few weeks ago “shot down” a North Korean launched botnet. A Norwegian software company revealed that hackers form China’s ministry of State Security attempted to steal clients’ trade secrets. It was discovered that Iran had for years launched global DNS hijacking attacks against the Middle East, Europe, and North America. The Mexican government used spyware to target colleagues of a slain journalist investigating drug cartels. Six (6) months ago, different governments from at least forty-five (45) countries deployed spyware against targets in the U.S., France, Canada, and the UK.

That is a miniscule number of examples of government-sponsored cyber attacks. The list is exhausting. Cyber Warfare is the new battleground.

At power forward, and borrowing from a menacing label that dates back decades—organized crime.

Organized crime, whether you’re talking cyber threats or Capone-era Chicago, ultimately exists for a single purpose—illegal profits. The former types are the ones trying to get your logins and passwords, social security numbers, credit card information and health records. They’re the launchers of ransomware, bots and trojans. They’ve lately turned more and more to credential stuffing. And when a better mousetrap is built to stop them, they build a better, smarter mouse.

At center, a starter, but a less publicized or feared cybercriminal—the script kiddie.

These are the amateurs, usually working alone with a bag of chips and a Mountain Dew at their side, who use existing code they’ve found on the dark web to launch their attacks. They don’t develop their own tools; they’re wannabes and generally don’t do extensive damage, but want to prank websites for grins. However, there have been a few noteworthy attacks, like a DDoS event that crippled Yahoo a few years back.

A cybercrime-fighting team that’s been winning for years

To find out how to shore up your organization’s security posture, contact GDT’s tenured and talented engineers and security analysts at From their Security and Network Operations Centers, they manage, monitor and protect the networks of organizations of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, cyberattacks and how to combat the cyberthreat starting lineup, read more about it here:

Death and Taxes—and you can add this to the mix

If you doubled down on Russia, your bet’s safe

What happens in an ATM, doesn’t always stay in an ATM

Google launches itself into cybersecurity space

Getting Stuffed at Dunkin’ Donuts?

Security Myths Debunked

State of the Union address focuses on technology–briefly

The technology arms race was just amped up

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware



Share this article

You might also like:

The advent of artificial intelligence (AI) brings transformative potential across industries while also introducing significant data security challenges. As AI systems become integral to operational and decision-making processes, safeguarding sensitive information against sophisticated threats is paramount. This exploration sheds light on the complexities of AI and data security and proposes

Transport layer security (TLS) is one of the most common tools for keeping users safe on the internet. When automated, TLS certification management can help organizations ensure more reliable and consistent use of TLS, reducing the need for human intervention and risk of human error. In fact, over the years,

As the head of GDT’s security practice and an industry veteran, Jeanne Malone and her team help customers worldwide advance their cybersecurity posture. One of the biggest cybersecurity game-changers is artificial intelligence (AI). We asked Jeanne to weigh in on leveraging AI and machine learning in cybersecurity to improve intrusion