Explain the basics of being safe online, including what cybersecurity is and its potential impact.
Explain the most common cyber threats, attacks and vulnerabilities.
Explain how organizations can protect their operations against these attacks.
Access various information and resources to explore the different career options in cybersecurity.
Module 1 - Introduction to Cybersecurity
Welcome to this module, which aims to help you understand
the growing need for cybersecurity.
Faced with an unprecedented surge in cyber attacks, never before has
the demand for cybersecurity professionals been so high.
Find out more about what cybercriminals want and what you can do
to ensure that a cyber threat never becomes a reality.
Chapter 1.4 - Cyber Attackers
Attackers are individuals or groups who attempt to exploit vulnerability for personal or financial gain.
As we’ve already seen, they are interested in everything, from credit cards to product designs!
1.4.1 Types of Attackers
Let’s look at some of the main types of cyber attackers who’ll try anything to get their hands on
our information. They are often categorized as white hat, gray hat or black hat attackers.
Amateurs
The term 'script kiddies' emerged in the 1990s and refers to amateur or inexperienced
hackers who use existing tools or instructions found on the Internet to launch attacks. Some
script kiddies are just curious, others are trying to demonstrate their skills and cause
harm. While these white hat attackers may use basic tools, their attacks can still have
devastating consequences.
Hackers
This group of attackers break into computer systems or networks to gain access. Depending on
the intent of their break in, they can be classified as white, gray or black hat hackers.
White hat attackers break into networks or computer systems to identify any
weaknesses so that the security of a system or network can be improved. These break-ins
are done with prior permission and any results are reported back to the owner.
Gray hat attackers may set out to find vulnerabilities in a system but they will
only report their findings to the owners of a system if doing so coincides with their
agenda. Or they might even publish details about the vulnerability on the internet so
that other attackers can exploit it.
Black hat attackers take advantage of any vulnerability for illegal personal,
financial or political gain.
Organized hackers
These attackers include organizations of cyber criminals, hacktivists, terrorists and
state-sponsored hackers. They are usually highly sophisticated and organized, and may even
provide cybercrime as a service to other criminals.
Hacktivists make political statements to create awareness about issues that are important to
them.
State-sponsored attackers gather intelligence or commit sabotage on behalf of their
government. They are usually highly trained and well-funded and their attacks are focused on
specific goals that are beneficial to their government.
1.4.2 What Color Is My Hat?
Now that you know the different types of attackers and their motivations for doing what they do, can
you identify what color of hat is worn by the attacker in each of the following scenarios? This is a
tricky one but remember, you can earn valuable defender points if you answer correctly.
After hacking into ATM systems remotely using a laptop, this attacker worked with the ATM
manufacturers to resolve the identified security vulnerabilities.
Gray hat
This attacker transferred $10 million into their bank account using customer account and PIN
credentials gathered from recordings.
Black hat
This attacker’s job is to identify weaknesses in a company’s computer system.
White hat
This attacker used malware to compromise a company’s system and steal credit card information
that was then sold to the highest bidder.
Black hat
While carrying out some research, this attacker stumbled across a security vulnerability on an
organization's network that they are authorized to access
White hat
White hat attackers aim to discover security weaknesses so that they can be improved, whereas black
hat attackers take advantage of any vulnerabilities for illegal personal, financial or political
gain. Gray hat attackers are somewhere in between. While they may not have malicious intentions,
they want to get something for their discovery.
1.4.3 Internal and External Threats
Cyber attacks can originate from within an organization as well as from outside of it.
Internal threats
Employees, contract staff or trusted partners can accidentally or intentionally:
mishandle confidential data
facilitate outside attacks by connecting infected USB media into the organization’s
computer system
invite malware onto the organization’s network by clicking on malicious emails or
websites
threaten the operations of internal servers or network infrastructure devices.
External threats
Amateurs or skilled attackers outside of the organization can:
exploit vulnerabilities in the network
gain unauthorized access to computing devices
use social engineering to gain unauthorized access to organizational data.
1.4.4 What Do You Think?
Remember that phishing email you received earlier from one of your customers?
An investigation into this email revealed that the user accounts and access privileges of a former
employee were not fully removed from the IT systems on leaving the company. In fact, this former
employee, who now works for a competitor, logged into @Apollo’s customer database only three days
ago.
Has an internal or external security threat occurred here?
Internal
This ex-employee was able to launch an attack based on insider knowledge of the organization’s
network. For this reason, internal threats have the potential to cause greater damage than
external threats.