Cybersecurity: Sources of Threats (Beginners)

 




1- The four dimensions of the cyber threat

A cyber threat is always composed of 4 main elements:

  • An attacker or a group of attackers with various profiles.
  • One or more objectives corresponding to the attacker's motivations.
  • A target (person, organization, etc.) which may be a victim's information system and/or targeted data.
  • A cyberattack or modus operandi that refers to the steps and operations that the attacker carries out to achieve his objective.


2- The main attacker profiles

 

Amateurs with no particular skills (known as "script-kiddies") are attackers with little expertise. They most often use tools that are available on the internet and easily downloadable. Their motivation is playful, recreational ("to have fun").

"Vengeful" or "malicious" attackers, often isolated, whose motivation is personal or even emotional. For example, revenge against a former employer.

 

Cyberhacktivists (a fusion of hacker and activist), i.e. any type of attacker acting according to ideological, political, etc. motivations.

 

Experienced attackers whose motivation is essentially technical.

 

Organized cybercriminals and mercenaries working for themselves or someone else's criminal organization. Their motivation is mainly lucrative (financial).


State actors, often endowed with significant resources and with multiple motivations. These motivations can be strategic in nature, depending on the interests of a State, and may sometimes pursue an offensive design.

 

3- The objectives of the attackers

 

The challenge, the fun: attacks aimed at achieving a feat for the sake of social recognition, challenge or simple fun. Even if the objective is essentially playful, this type of attack can have serious consequences for the victim.

 

Cybercrime for profit refers to attacks aimed at obtaining a financial benefit from malicious cyber activities. E.g.: the unlawful collection of bank details, etc.

 

Influence and agitation consist of acting on the field of information, often at the initiative of cyberhacktivists: hijacking accounts on social networks, defacement of websites, etc.

 

The objective of espionage is to exfiltrate strategic information, industrial or state secrets.

 

Strategic pre-positioning consists of discreetly positioning oneself in a computer network without intending to act immediately, for example to prepare a future attack. The purpose is not always obvious.

 

Obstruction of operation, through sabotage or neutralization, refers to attacks whose objective is to make an information system and its data unavailable, through saturation (for example, "denial of service" attacks that can make a website inaccessible, or "ransomware") or even through the physical destruction of hardware (e.g., deceiving measuring instruments at a critical infrastructure operator's facility to prevent alarm mechanisms from triggering, leading to the destruction of the system).

 

4- The young hoodie: The not-so-common profile ...

 


The cyber attacker is often described in movies and media as a "hacker" who is a lone "kid" wearing a hoodie and acting late at night to "hack the CIA" from his bedroom computer.

 

- While the isolated attacker acting from his room is indeed a real category, it is a caricature, negligible in terms of impact. The reality of the threat today is more that of groups of professional attackers, acting during their working hours.

- The term "hacker" is, moreover, wrongly associated only with malicious actors. However, historically, it refers to a positive culture of "resourcefulness", "sharing" and "improvement" in fields such as computer science but also electronics, carpentry, mechanics, etc. To distinguish them from malicious actors, we now speak of "ethical hackers".