Cybersecurity often seems very complicated because of the technical jargon, the specialized domain, and the sometimes bewildering array of seemingly disconnected threats highlighted by the media. The goal of Cyber101 is to simplify and structure this information in a way that makes it more accessible to normal computer users who do not have a cybersecurity background. One place to start is with the bad guys: what do they want, anyway?
There are essentially only two goals that motivate malicious actors: steal your information or disrupt your business. The types of information malicious actors want to steal can vary. Sometimes the information they want to steal is intellectual property, credit card numbers or personal information; sometimes it is the secrets, such as passwords, that protect your infrastructure or your accounts.
The motivation behind business disruption can also vary. Financial institutions have been frequent targets in this category as malicious actors attempt to prevent bank customers from completing transactions or accessing their accounts. Political targets, and occasionally targets of nation-state cyberwarfare, also fall into the “disruption” category.
How do these threat actors accomplish their goals? Some types of attacks happen outside of any corporate network, “in the wild” on the open Internet. These attacks go by names such as Distributed Denial of Service (DDoS), SQL injection, Man-In-The-Middle, and more, and they target an organization’s public-facing websites, internet traffic, or other publicly exposed aspects of its presence in cyberspace.
More insidious are the attacks that take place from within an organization’s infrastructure. How does an attacker get inside an organization’s infrastructure? Three ways:
- Attack the network
- Attack the devices that connect to the network
- Attack the people who use the network and devices
There are a few other variations of course, but that is about it. Two main motivations, steal your information or disrupt your business, and four main attack “vectors”: attacks in the wild on the open Internet, plus the three ways into an organization’s infrastructure listed above. The specific categories and types of attack are more numerous, and some attacks use combinations of these vectors (targeting people in order to get to the network, for example), but this basic structure provides one way of organizing and beginning to understand most of the cybersecurity attacks you will see in the press.
Later editions of Cyber101 will investigate attacks in more detail, discuss why cybersecurity is so hard, and begin to describe the various categories of cybersecurity techniques that have evolved in the market.