Sources of cyber threats
The various sources of cyber threats are:
1. Terrorists
Cybercriminals generally use malware or phishing to obtain important and sensitive information and to generate funds. Terrorists seek to exploit and destroy critical infrastructure and human lives in order to damage public confidence and weaken the economy.
2. Hacktivists
Hacktivists are cybercriminals with a political agenda, and they include both groups and individuals. They are considered a mid-level threat because they can carry out isolated attacks that are damaging.
The goal of hacktivists is propaganda rather than actual damage to, or destruction of, critical infrastructure. One of the most popular hacktivist groups is Anonymous, which took down the Ferguson Police Department in the United States of America.
3. Hackers
Hackers pose a minimal threat of damage to national-level infrastructure. They are credited with brief disruptions that can cause property damage and loss of life.
There are different types of hackers: script kiddies, who are credited with defacing web pages; virus writers, who love notoriety and believe in causing disruptions to computer systems and networks; professional (black hat) hackers, who penetrate the network and exploit coders; and security researchers and white hats, whose primary goal is earning a profit.
4. National Governments
National cyber warfare programs pose a threat to the interests of a country, as they aim to destroy, disrupt and weaken its government. The cyber threats include web-page damage, propaganda, loss of life, espionage and infrastructure disruption.
5. Organized Crime Groups and Industrial Spies
Organized crime groups and industrial spies are an important source of cyber threats. Their goals are profit-based, and they pose a medium-level threat to a country. Those goals include developing hacker talent, monetary theft and conducting industrial espionage.
6. Nation-State Threat Actors
This threat comes from foreign governments that are obviously hostile and working to undermine a specific country. The attacks are targeted to gain a tactical advantage, access military intelligence and pilfer intellectual property in order to harm the rival nation.
7. Individual Threat Actors
These cybercriminals commit crimes to enhance their reputation and credentials. Initially they operate alone, but later they are recruited for organized crime. An example involving individual threat actors is the City of Detroit, whose entire database was held for a ransom of 2,000 Bitcoin.
8. Bot-network operators
These are hackers who take over multiple systems to distribute malware, spam and phishing attacks for financial gain.
9. Phishers
Phishers, who work alone as well as in small groups, are an important source of cyber threats. They use malware and spam to steal information or identities for financial gain.
10. Spammers
Spammers, who work as organizations or individuals, are another source of cyber threats. They are credited with distributing false or hidden information to carry out phishing schemes.
Cyber threat levels
A threat level indicator, or cybersecurity index, offers reliable information about a threat that is targeting key assets, infrastructure, networks, and software. The five levels on the indicator portray the potential for damage and are described below:
Red indicates severe status, so the risk of malicious activity or hacking is at its highest. Vulnerabilities are exploited, as they can cause widespread and high-level damage to critical infrastructure.
The next level is orange, which also indicates high risk, though lower than red. This level involves disruptions and damage to core infrastructure, system compromises, and numerous service outages.
The next level is yellow, which indicates an elevated risk of cyber activity and hacking that diminishes or compromises services. It has the potential for high disruption.
The fourth level is blue, which indicates a guarded response. There is potential for malicious and harmful activity, but no such activity has been identified to date.
The last level is green, which indicates a low level of cyber threat. Apart from normal concerns, these are generally treated as warnings and are often set aside for future reference.