Chapter 2 Exploring Cybersecurity Threats
1. Exploring Cyber Security Threats
1.3. Threat Actors

Transcript
OK, let's talk a little bit more about threat actors themselves.
So the first one that we want to talk about is unskilled attackers, or something called script kiddies. So these are basically people that have no real skills other than they know how to search the web. You can find scripts on the web to hack things, and that's what they do. They download scripts and then they run them against companies until they either have some modicum of success or do something. You know, these aren't real attackers. These are bored kids in mom's basement who don't have anything better to do, but they're commonly called script kiddies because they don't even have the ability to write their own scripts. They download them and use somebody else's work as their own and use that to try to do something. So, you know, their intent is not necessarily to destroy your system, steal your data. It's mainly to be a pain in the **** to be honest, but, you know, their motivation is they're bored and looking for something to do. They want to feel like they're accomplished in the security world, and so they run these scripts. But realistically, you know, they don't have the ability to write it themselves. They download it.
Then the next group is called hacktivists. So these are activists that are hackers, and they're hacking into a system for whatever their cause is. You know, we see in today's news where people are gluing themselves to the roads and, you know, going into car dealerships and gluing themselves to floors and blocking roadways. Well, you know, hacktivists, those type of activists, but they're hacking into your computer, your network, for whatever their cause is. Maybe they're against oil and they're trying to hack into oil companies or their subsidiaries, or even the companies that make parts for oil companies or, you know, parts companies that make parts for cars that use oil and gasoline, those type of things. So that's what a hacktivist would do. So they break in for whatever their cause is, to try to further their cause along.

And then organized crime. So organized crime, because if there's money to be made in it, then they are going to be involved. So that is why it's listed as organized crime, and that doesn't necessarily mean what we would think of back in the day as the mob. It just means they're an organized group. It could be, you know, like scammers in Nigeria. That could be, you know, group gangs in Russia. It could be organized crime from Russia, but it could also be, you know, nation state. So, you know, those are all, you know, different types of organized crime. Don't think of it as just the mob. But, you know, they're organized.
So, you know, some of these are cyber-dependent crimes. So they can only happen in a network, and that is including ransomware, data compromise, distributed denial of service, which is also called a DDoS attack. That's when they attack your system and they flood it with so much information that it shuts it down, and there's different ways of doing that. We won't get into them now. But, you know, a DDoS attack is just, you know, a way to shut down your website or your system. Normally it's a website. Website defacement, and then attacks against crucial infrastructure. So if you attack a power plant and take it offline, well, that's crucial infrastructure, and maybe lights go out in the state or states, things like that.

So then there's CSAM, which is child sexual abuse material, including child *********** abuse and solicitation. Unfortunately, that is part of the world and, you know, those groups make money in one of two ways: selling that and then, you know, looking for that and blackmailing people that have that material. So that is part of the thing.

Online fraud, which includes credit card fraud and business e-mail compromises. So we all think we all understand what credit card fraud is, that type of activity, and then you can compromise a business's e-mail to steal their data, to, you know, get financial information and possibly steal that.

Dark web activity, including the sale of illegal goods and services. And that is just a whole array of things, from counterfeit products to stolen products to selling of people. That's all dark web. Selling of information. So security numbers, things like that. That's all dark web activity.
And then cross-cutting crime factors include social engineering, money mules and the criminal abuse of cryptocurrencies. So, you know, crypto has just come up in the last couple of years. And if there's a way to make money, there's a way to try to defraud people that make that money. So those are called cross-cutting crime factors, and they go into multiple phases. So if you're doing social engineering, that may be, you know, getting into the network. It may be, you know, a physical thing of, you know, doing something to a person. So social engineering takes many forms.

When I was taking my ethical hacking classes, we had to learn social engineering skills. And one of the tasks that we had was we each had to pick the name of a classmate, and then we had to go on the Internet and find as much information out about that person as we could, and then come back to the room. And when you have information on somebody, you can then use that information. So, you know, those are different things to think about when you talk about threat actors.