Security Technology Executive

SEP-OCT 2018

Issue link:

Contents of this Issue


Page 22 of 59

www. • September/October 2018 • SECURIT Y TECHNOLOGY E XECUTIVE 23 attackers of America's computer networks, at federal, state and local government agencies level, in addition to U.S. corporations, and academic institutions. There are three classes of threats to critical infrastructures: • Natural - earthquakes, tsunamis, land shifting, volcanic eruptions, extreme weather (hurricanes, floods, draught), fires. • Human-Caused - terrorism, rioting, product tampering, explosions and bombing, theft, financial crimes, economic espionage. • Accidental or Technical - infrastructure and hazardous material failures and accidents, power-grid failures, water-treatment facilities failures, water-mains ruptures, safety-systems failures and a host of other disasters of omission and/or commission. Cyber Threats The list of cyber threats increases rapidly, as the number of hacking- sensitive platforms and poten- tial victims increase, attracting more and more indi- vidual, private and state actors into the fray. The fol- lowing list represents a partial set of typical threats (Source: GAO): • Terrorists and other non-state actors seeking to destroy, incapacitate, or exploit critical infrastructures to threaten national security, cause mass casualties, weaken the economy, and damage public morale and confidence. • Criminal groups, attacking systems, using spam, phishing, and spyware/malware, identity theft, online fraud, and computer extortion for monetary gain. • Business intelligence operators, including criminal organizations, conducting voluntary and on-demand industrial espionage. • Individuals and groups "grazing" the cyber world in search of victims, for a combination of thrill, monetary and "training" purposes. • Bot-network operators, using networks, or botnets, of compromised, remotely controlled systems to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. • Disgruntled insiders, poorly trained employees, incompetent contractors – all creating the opportunities for outsiders to penetrate networks. • National intelligence and psychological operations organizations, using cyber tools for information gathering, regime destabilization and as another arm furthering strategic goals. • Spammers using the above methods to distribute unsolicited e-mail with hidden or false information to sell products, conduct phishing schemes, distribute spyware or malware, or attack organizations (e.g., a denial of service). • National and/or commercial organization specializing in deploying spyware or malware against organizations or individuals, for political and commercial purposes. The interdependence of America's power grid, and the geographic concentration of America's refineries creates a vulnerability that certainly attracts the attention of terrorists; indeed, many experts think that energ y systems are an attractive target to cyber-criminals/ terrorists Photo Courtesy of iStock

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Technology Executive - SEP-OCT 2018