Cybersecurity For Dummies. Joseph Steinberg
Читать онлайн книгу.
and attack capabilities, who share one goal in common: They all seek to benefit themselves at the expense of others, including, potentially, you.
Bad guys up to no good include
Script kiddies
Kids who are not kiddies
Nations and states
Corporate spies
Criminals
Hacktivists
Script kiddies
The term script kiddies (sometimes shortened to skids or just kiddies) refers to people — often (but not always) young — who hack, but who are able to do so only because they know how to utilize scripts and/or programs developed by others to attack computer systems. These folks lack the technological sophistication needed in order to create their own tools or to hack without the assistance of others.
Kids who are not kiddies
While script kiddies are technologically unsophisticated (see preceding section), plenty of other kids are not. For many years, the caricature of a hacker has been a young, nerdy male interested in computers, who hacks from his parents’ home or from a dorm room at college. In fact, the first crop of hackers targeting civilian systems included many technologically sophisticated kids interested in exploring or carrying out various mischievous tasks for bragging rights or due to curiosity.
While such attackers still exist, the percentage of attacks emanating from these attackers has dropped dramatically from a huge portion to a minute fraction of a percentage of all attacks.
Simply put, teenage hackers similar to those depicted in movies from the 1980s and 1990s may have been a significant force in the pre-commercial Internet era, but once hacking could deliver real money, expensive goods, and valuable, monetizable data, criminals seeking to profit joined the fray en masse. Furthermore, as the world grew increasingly reliant on data and more government and industrial systems were connected to the Internet, nation and states began to dramatically increase the resources that they allocated to cyber-operations from both espionage and military standpoints, further diluting the classic teenage hacker to a minute portion of today’s cyberattackers.
Terrorists and other rogue groups
To date, terrorist groups and other parties intent on wreaking havoc and inflicting harm on innocent people have focused much of their online activities on brainwashing vulnerable people, recruiting members, and assembling supporters. There is little doubt, however, that such nefarious parties also understand the potential damage that can be inflicted by cyberattacks — and are actively building and seeking to exploit cyberattack capabilities — and that Western nations are beginning to react accordingly. In May 2019, for example, the Israeli military bombed a building in Gaza from which the Hamas terrorist organization — a group then receiving both financial aid and technology know-how from Iran — was allegedly launching cyberattacks against civilian targets.
Nations and states
Hacking by nations and states has received significant press coverage in recent years. The alleged hackings of the Democratic party email systems by Russian agents during the 2016 Presidential election campaign and the Republican party email system during the 2018 midterm elections are high profiles examples of nation state hacking.
That said, most nation and state cyberattacks are not nearly as high profile as those examples, do not receive media coverage, and do not target high profile targets. Often, they’re not even discovered or known to anyone but the attackers!
Furthermore, in some countries, it is difficult, if not impossible, to distinguish between nation or state hacking and commercial espionage. Consider countries in which major companies are owned and operated by the government, for example. Are hackers from such companies nation or state hackers? Are such companies legitimate government targets, or is hacking them an example of corporate espionage?
Of course, nations and states that hack may also be seeking to impact public sentiment, policy decisions, and elections in other nations. Discussions of this topic have been aired via major media outlets on a regular basis since the 2016 presidential election. In fact, since then, accusations of foreign meddling in U.S. elections through the use of both cyber misinformation campaigns and hacking, only continue to grow.
CHINESE FIRMS STEAL AMERICAN INTELLECTUAL PROPERTY
In May 2014, United States federal prosecutors charged five members of the People’s Liberation Army (PLA) of China with hacking four U.S. businesses and one labor union as part of their service in Unit 61398, China’s cyber-warrior unit. The allegedly hacked parties included Alcoa, Allegheny Technologies, SolarWorld, and Westinghouse, all of which are major suppliers of goods to utilities, and the United Steel Workers labor union.
While the full extent of the damage to American businesses caused by the hacking remains unknown to this day, SolarWorld claimed that as a result of confidential information stolen by the hackers, a Chinese competitor appeared to have gained access to SolarWorld’s proprietary technology for making solar cells more efficient. This particular case illustrates the blurred lines between nation and state and corporate espionage when it comes to Communist nations and also highlights the difficulty in bringing hackers who participate in such attacks to justice; none of the indicted parties were ever tried, because none have left China to any jurisdiction that would extradite them to the United States.
Corporate spies
Unscrupulous companies sometimes utilize hacking as a way to gain competitive advantages or steal valuable intellectual property. The United States government, for example, has repetitively accused Chinese corporations of stealing the intellectual property of American businesses, costing Americans billions of dollars per year. Sometimes the process of stealing intellectual property involves hacking the home computers of employees at targeted companies with the hope that those employees will use their personal devices to connect to their employers’ networks.
Criminals
Criminals have numerous reasons for launching various forms of cyberattacks:
Stealing money directly: Attacking to gain access to someone’s online banking account and issue a wire transfer of money to themselves.
Stealing credit card numbers, software, video, music files, and other goods: Attacking to purchase goods or add bogus shipping instructions into a corporate system leading to products being shipped without payment ever being received by the shipper, and so on.
Stealing corporate and individual data: Attacking to obtain information that criminals can monetize in multiple ways (see the section “It’s All About the Money: How Cybercriminals Monetize Their Actions,” later in this chapter).
Over the years, the type of criminals who commit online crimes has evolved from being strictly solo actors to a mix of amateurs and organized crime.
Hacktivists
Hacktivists are activists who use hacking to spread the message of their “cause” and to deliver justice to parties whom they feel aren’t being otherwise punished for infractions that the activists view as crimes. Hacktivists include terrorists and rogue insiders.
Terrorists
Terrorists may hack for various purposes, including to
Directly inflict damage (for example,