Bad Actors in Cyberspace

Bad actors refer to members of the cyberspace community who pose a security threat to both organizations and states as well as their assets. Bad actors include Hacktivists, black-hat hackers, insider threats, organized crime syndicates, and script kiddies (Hundley & Anderson, 2002). Hacktivists constitute a gathering of individuals who come together to carry out cyber-attacks against the organizations or states that do not align with their political views. An example is Anonymous, a Hacktivists group that used Distributed Denial of Service (DDoS) as a technique to prevent legitimate users from assessing their websites (Mansfield-Devine, 2011). Hacktivists often openly declare their intentions to attack in an aim to recruit like-minded individuals to support their political cause. An organization may mitigate the risk of hacktivism by monitoring social networks to see if your corporation is a target and by ensuring the firm puts in place a high level of awareness of messaging among employees.

Another bad actor in cyberspace is black hat hackers who usually work alone or in small groups often with malicious intent. Black hat hackers cause damage by changing the functions of particular websites and networks, steal passwords, or other useful information that may be personal that is stored in servers of an organization. Their motivation is usually financial gain, but there are cases where black hat hackers only aim to inflict damage more so as a form of revenge. Having a top-notch IT security department may be the best way to avert these actors.

Insider Threats refer to rogue members of an institution having a malicious intent against their firm. The rogue employees are capable of leaking confidential company secrets or leaving the storage systems unguarded. A well-established staff welfare system may mitigate this risk.

An additional bad actor in cyberspace that utilizes the Dark Web to engage in criminal activities are organized crime syndicates. They are capable of hacking shipping consignment logs in Ports to hide containers with illicit drugs and are responsible for human trafficking cartels being able to act under the radar of security organizations. Similarly, their greatest motivation is financial gain.

Bad actors in cyberspace who utilize programs and scripts written by others to carry out attacks are the script kiddies. They pose a danger to the security of an organization primarily if they lay their hands on a particularly malicious code written by an expert. Their motivation is usually recognition among peers. Script kiddies use Trojans to breach networks, but their risk aversion includes an up-to-date security firewall.

Types of Cyber Security Attacks

Cyber Security attacks utilize malicious codes to exploit the vulnerability of networks and computers. Cyber Security Attacks include malware attacks, man-in-the-middle attacks, drive-by attacks, phishing attacks, and password attacks. Malware attacks constitute unwanted software installed in a user’s computer without their consent. Malware attacks include viruses, trojans, logic bombs, worms, spyware, adware, and ransomware that compromise the normal functioning of a computer or network of computers.

The second type of Cyber Security attack is the Phishing attack that involves the sharing of emails and texts that, when opened, expose the receiver to data theft through the installation of malicious software (Hong, 2012). Man in the Middle (MITM) attacks occur when an intruder inserts themselves between a server and an end-user, thereby compromising the information shared. A MITM attack is achieved through session hijacking, IP spoofing, or replaying.

A Password attack is a cyber-security threat where a cracker uses cracking brute-force software to discover and gain unauthorized entry into the user computer by obtaining their password. The attack, if successful, leaves the entire user’s information vulnerable. Mitigation is through having a strong password policy in the organization. A drive-by attack occurs when an internet user accesses an insecure website, the website automatically downloads malware without prompting the user, and this can result in private information leaking. Drive-by attacks are the reason behind the use of HTTPS everywhere to mitigate insecure websites.

Types of System Attacks

System attacks affect network systems by compromising either the server end or the user end. System Attacks include SQL-Injection attacks, Cross-Site Scripting attacks, and Denial of Service attacks. SQL-Injection attack prompts a server to divulge sensitive information about websites and users it usually would not disclose, such as user credentials. Black hat hackers after financial gain such as blackmail perpetrate SQL-Injection attacks.

Another type of system attacks is Cross-Site Scripting (XSS) attacks. XSS attacks involves the introduction of a dubious code into a website that subsequently attacks the users of the site by exposing their sensitive information (Gupta & Gupta, 2017). Similarly, black hat hackers use this form of attack. The Denial-of-Service (DoS) attack is an additional type of system attack that targets the legitimate users of a service by denying them access to it. It occurs when hackers overwhelm the servers of a particular website making its access impossible. When multiple computers perform a DoS attack, the scenario is a Distributed Denial of Service (DDoS) attack (Geng & Whinston, 2000). Hacktivists prefer this system attack to cripple websites they consider deviant from their political views.

Cyber Defense Tools

In an aim to mitigate risks that are inherent in internet usage, cyber defense tools offer an excellent choice. The tools include anti-virus software, public key infrastructure, penetration testing, and firewalls. Anti-Virus Software enables users to defend their personal computers and networks from malicious attacks by scanning, identifying, and remove threats in them. Such software is readily available in the market at a consumer-friendly price.

A Public Key Infrastructure (PKI) enables the secure exchange of information between parties over the internet through encryption. PKIs reduces the risk of interception through users having keys at both ends of the information relay. Another cyber defense tool is Penetration Testing. During a penetration test, a professional imitates the actions of an actual intruder into the system to find flaws and vulnerabilities. Firewalls are an additional cyber defense tool that stops any unauthorized access into a restricted network and is the best for private networks. They deter internet users from entering private networks by using hardware and software defense tools.

Cyber Defense Structures

There are various cybersecurity programs and structures in the nation that have been established to facilitate cyber defense. An example is The Cybersecurity Framework developed by the US Department of Homeland Security that helps mitigate the risk of cyber-attacks by connecting players in both the public and private sectors. Another program is The Continuous Diagnostics and Mitigation (CDM) that helps to identify, access, and protect organizations from Cyber-crime. An additional program is the National Cyber Awareness System (NCAS) center regularly produces information about threats and tips to the public for best security practices. The Federal Virtual Training Environment (FedVTE) library also aids in cyber defense by providing an in-depth information archive for that is useful in personnel training on the best ways to defend against cyber-attacks.

Conclusion

Cyberspace possesses active users with malicious intent who have an array of tools and methods that they utilize for attacks. However, cyber defense tools and structures available in the market place enable cyberspace users to identify, protect, and respond with tact should such perpetrators threaten their security.