Print this chapterPrint this chapter

Chapter 2 Exploring Cybersecurity Threats

1. Exploring Cyber Security Threats

1.5. Attacker Motivations

Audio

 

 

Transcript

So let's talk a little bit about attacker motivations. So we talked a few slides ago about knowing your adversary and if you know why what their motivation is, that will help you. So the first one, we want to talk about is data exfiltration attacks.

They're motivated by the desire to obtain sensitive or proprietary information, such as customer data or intellectual property. So we talked about that with Apple. Somebody data actually traded that technology to Apple. That's the end of the day. That's what happened. But it could be simply as.

Hey, in a month I'm leaving to go work for a competitor or I'm leaving next week, so I'm going to steal a customer list and all their information and how much they buy and how much they pay, et cetera. You know, it could be that from an internal actor, so.

Data exfiltration.

And then espionage attacks are motivated by an organization seeking to steal secret information from other organizations. This may come in the form of nation state.

Attacks attacking each other or corporate espionage. So whether it's apple against the company that had the original O2 sensor or it's China versus the US, you know either one. So it happens in business all the time. You know, that doesn't make Apple a horrible.

Company. It doesn't make you know the other companies that do that, it happens in business all the time where company A has a product and we want to use it and we're going to ask for forgiveness instead of permission.

So espionage happens.

So then a service disruption, those attacks seek to takedown or interrupt critical systems or networks, such as banking systems or healthcare networks. So you know, not not just those, but you know it could be an attack that wants to say take down Amazon.

So you can't shop there. You know how much money would Amazon lose if they were down for 24 hours and nobody could buy?

Something. Yeah. So those those are those type of things.

So if I disrupt your server with ransomware blackmail you to get money or I get, you know, data from that disruption, blackmail, you'd be able to get back up or to have me not do it again. Things like that.

Financial gain most of the reasons for taking out another company are financial gain. Other than that company, you have an axe to grind against them for some other reason, but financial gains are motivated by the desire to make money through theft or fraud.

Organized crime is generally involved and motivated by financial gain, as are other types of attackers. Philosophical or political belief attacks, or motivated by ideological or political reasoning. So as you know, hacktivists would fall into that.

Pascal tax or white hat hacking, or motivated by desire to expose vulnerabilities and improve security. These attacks are often carried out by security researchers or ethical hackers with the permission.

With the permission of the organization. So that's key for it to be called a white hat is they have to have authorization.

Revenge attacks are motivated by a desire to get even with an individual or organization by embarrassing them or exacting some other form of revenge.

Disruption or chaos attacks are motivated by the desire to cause chaos or disrupt normal operations.

Of the company.

And lastly, war war may also be a motivation for cyber attacks, military units, and civilian groups may use hacking and attempt to disrupt military operations and change the outcome of an armed conflict, or even just a battle of it. You know, if you can hack into.

To the Americas warships and make them not go, you know, and you're the enemy trying to smuggle oil or gas or weapons or drugs from somewheres. You know, how much easier does it make your life if you know that you can shut down the ships that are near you?