It’s March. The lion is slowly morphing into a lamb, with warmer temps and sun screen to follow. March Madness is days away. Almost seventy (70) college games will soon test your flat screen’s durability. But you don’t have to wait for any brackets to find out who’s starting in this particular tournament, which lasts far longer than a fortnight. It’s an ongoing battle of the boards that takes place each second of every single day. It’s the ongoing fight to secure networks and keep vital data out of the hands of the following players.
Please direct your attention to center court. It’s time to introduce the Cyberthreat starting lineup.
At point guard, a veteran at unknowingly risking the security posture of virtually every business, organization and government on the planet—users.
As you’ve probably heard countless times, user error is the largest threat actor in the cyberthreat starting lineup. Whether it’s IT departments lacking the needed security skill sets to fend off attackers, too many unnecessary privileges being granted, or somebody absentmindedly clicking on a link in an email, internal errors are killers.
But users don’t always act unknowingly. Consider the disgruntled current or ex-employee. If they don’t adhere to the “never burn your bridges” workplace philosophy, they may just want a pound of data flesh. And they’ve even been known to collaborate with organized crime—even governments—to gain information or a big cash payout.
In late 2018, a scientist at biotechnology firm Genentech sold trade secrets to a rival company, which allowed them to manufacture generic versions of Genentech pharmaceuticals.
At the off-guard, an angry-at-the-world, politically-driven menace—the hacktavist.
These ne’er-do-wells are politically motivated so, naturally, making the most noise possible is a core motivator. Whether it’s publicly making a statement about their cause du jour or attacking a business or organization they feel has wronged them or the public at large, hacktavists have a delusional belief that they’re lauded by many. Hactavists attacked extramarital dating site Ashley Madison and divulged that names of tens of millions of members.
At small forward, the well-funded and cyber sophisticated—government-sponsored cyberthreat.
Government-led cyberthreats can count as their motivation a broad list of reasons, from economic, military, political…you name it. A year ago, the U.S. and the U.K. issued a joint statement blaming Russia for a series of cyberattacks. The Department of Justice a few weeks ago “shot down” a North Korean launched botnet. A Norwegian software company revealed that hackers form China’s ministry of State Security attempted to steal clients’ trade secrets. It was discovered that Iran had for years launched global DNS hijacking attacks against the Middle East, Europe, and North America. The Mexican government used spyware to target colleagues of a slain journalist investigating drug cartels. Six (6) months ago, different governments from at least forty-five (45) countries deployed spyware against targets in the U.S., France, Canada, and the UK.
That is a miniscule number of examples of government-sponsored cyber attacks. The list is exhausting. Cyber Warfare is the new battleground.
At power forward, and borrowing from a menacing label that dates back decades—organized crime.
Organized crime, whether you’re talking cyber threats or Capone-era Chicago, ultimately exists for a single purpose—illegal profits. The former types are the ones trying to get your logins and passwords, social security numbers, credit card information and health records. They’re the launchers of ransomware, bots and trojans. They’ve lately turned more and more to credential stuffing. And when a better mousetrap is built to stop them, they build a better, smarter mouse.
At center, a starter, but a less publicized or feared cybercriminal—the script kiddie.
These are the amateurs, usually working alone with a bag of chips and a Mountain Dew at their side, who use existing code they’ve found on the dark web to launch their attacks. They don’t develop their own tools; they’re wannabes and generally don’t do extensive damage, but want to prank websites for grins. However, there have been a few noteworthy attacks, like a DDoS event that crippled Yahoo a few years back.
A cybercrime-fighting team that’s been winning for years
To find out how to shore up your organization’s security posture, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of organizations of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.
If you want more information about network security, cyberattacks and how to combat the cyberthreat starting lineup, read more about it here: