Cybersecurity Threats: Elite Hackers vs Insiders Quiz

Types of Hackers

• Elite hackers are highly technical individuals who can write scripts to exploit vulnerabilities and discover new ones.

Insider Threats

• Insiders are more dangerous than outside intruders because they have access and knowledge to cause immediate damage.
• Insiders often know the security systems and can avoid detection.
• Insider attacks can be accidental or intentional.
• Examples: Chelsea Manning and Edward Snowden.

Physical Access

• Numerous individuals have physical access to company facilities, including custodial crews, contractors, and partners.

Criminal Organizations

• Criminal organizations employ structured threats with planning, financial backing, and possibly collusion with insiders.
• Structured threats involve greater planning, more financial backing, and possibly corruption of insiders.
• Tactics, techniques, and procedures (TTPs) are methods used by adversaries to assist in identification and defense.

Threat Intelligence

• Threat intelligence gathers information from various sources to focus defenses against likely threat actors.
• Threat intelligence is crucial for detecting threats and prioritizing responses.
• There are two comprehensive forms: Information Sharing and Analysis Centers (ISACs) and Information Sharing and Analysis Organizations (ISAOs).

Open Source Intelligence

• Open source intelligence collects threat intelligence information from public sources.
• Public sources include news articles, blogs, and government reports.
• Open source intelligence helps in understanding adversary TTPs.

Historical Incidents

• Morris Worm (1988): first large-scale attack on the Internet; 6000 infected, $100 million in damage.
• Citibank and Vladimir Levin (1994): broke into bank's cash management system; stole $10 million, recovered $9.6 million; 3 years in jail.