Who is the adversary, our cybersecurity “enemy”? Your mind might flash to the visual of a hooded figure with a mask, hacking away on a computer in the shadows of a darkly lit basement.
It sounds pretty scary—if it were only true. Today’s cyber attackers are more sophisticated and corporate in their conduct than ever before.
The reality is, the adversary targeting your money and resources can be anyone or any organization. To protect ourselves against evolving cyberattacks, let’s look at the different types of cybercriminals out there, their preferred targets, the types of ‘loot’ they seek, and their favorite offensive strategies.
Terrorist organizations and hacking activists, known as “hacktivists,” are not professional criminal organizations or nation-state attackers; they are a less common type of cyberattacker.
Their motivation is to advance religious and political agendas by spreading propaganda and creating fear and terror through cyberattacks that weaken the U.S. economy and ultimately detract from the global War on Terror.
Terrorist organizations and hacking activists are typically more primitive in their ability to access computer networks than other cybercriminals. That limits the real-world threats their cyberattacks pose relative to traditional physical attack methods. For these reasons, terrorist-originated cyber efforts tend to focus more on recruitment initiatives and spreading their ideology, although this dynamic may change as more technically competent generations enter their ranks.
In some cases, terrorist organizations will hijack and use a victim’s own computing resources to conduct large-scale botnet attacks against other targets.
Here’s how it works: The adversary harnesses the computing power of the devices under their control to perform distributed denial-of-service (DDoS) attacks against a designated target. Any IoT device connected to the Internet is susceptible and could be used in a global attack against a specific target.
In 2016, one type of malware, called Mirai, pointed 10 million devices towards Dyn, a Domain Name System (DNS) service acting as a large Internet “phone book provider.”
The effect was widespread: The attack resulted in popular websites like Reddit, Spotify, and Twitter shutting down for several hours.
Bad actors can obtain your computing resources through a couple of different methods, including implanting malware on your devices when you visit a malicious website, click on a link, or open an infected attachment in an email.
They can also gain access by scanning for vulnerable Internet of Things (IoT) devices with weak or default admin passwords that have not been changed to something stronger.
The global War on Terror has forced terrorist groups to decentralize their operations and avoid extensive online coordination. In this environment, cyberattacks require terrorists to assume elevated levels of risk, because such activity can prompt electronic surveillance that detects it.
Late last year, for example, authorities intercepted a Maryland man communicating with the Islamic State’s radicalization network, successfully thwarting an attack on the National Harbor area.
Most states and their respective defense departments have a significant, near-monopolistic grip on their nation’s cyber capabilities, a dynamic that has prevented successful cyberterrorist attacks while allowing other resources to focus on tackling the underlying, localized causes of terrorism.
There is an associated risk, however, that states with a track record of illicit cyber activity could leverage cyberterrorists as an opportune way to achieve their own goals.
Bottom line: How do you protect yourself and your loved ones against cyberterrorists? By securing digital devices, questioning the legitimacy of inbound communications and taking additional steps to protect data that can be weaponized against us. We need to review and improve our ‘cyber hygiene’ as individuals, as a society and as a collective economy.
Bart McDonough is CEO and Founder of Agio, a hybrid managed IT and cybersecurity services provider servicing the financial services, health care and payment industries.