If you think IT security problems are only caused by teenage hackers in their basements, you’re underestimating the scope of possible threats. While guarding against intrusion by curious geeks, every company needs to be on the lookout for security issues arising from a variety of sources — and some of them may surprise you. Let’s have a closer look at potential threat actors that could devastate your IT environment.
They say that all’s fair in love and war, but the dog-eat-dog world of commercial competition can lead some companies to go to extremes. It may seem unbelievable, but commercial espionage is a common threat in today’s connected age. Computer hacking is only one technique used in private spying on businesses. While gathering information on competitors from public sources is legal, the Economic Espionage Act of 1996 made it against the law to steal trade secrets. Protecting sensitive data includes locking down intellectual property and any other information that gives your company a competitive edge.
Intelligence is an important activity for any nation, but some rogue countries may use spying techniques to undermine or steal from legitimate businesses. A report from the U.S. National Counterintelligence and Security Center states that foreign economic and industrial espionage remains a significant threat to the U.S. “China, Russia, and Iran stand out as three of the most capable and active cyber actors tied to economic espionage and the potential theft of U.S. trade secrets and proprietary information.”
Cybercrime can be a lucrative business, and sometimes the hackers are as organized as legitimate businesses. Organized crime is responsible for the theft of hundreds of billions of dollars, according to research from Michigan State University. Rather than resembling the mafia families of old, these syndicates include hackers who work together based on the particular technical skills that they bring to the group. Much of this activity and interchange takes place on the dark web.
With varying motivations, insiders can be a bigger threat to an IT environment than any hacker from the outside. It could be a past or present disgruntled employee, a contractor or consultant on temporary duty, or a curious employee playing with systems to see how far they can go. Insider threats are particularly dangerous because these are people who already have access. That’s why it pays to maintain tiered permissions on all systems, following the principle of least privilege.
Even those on the inside who are well-meaning can be a threat to your infrastructure. An untrained or careless employee can leave data exposed to external threats or open the doors for attackers to gain unauthorized access. It’s extremely important to adequately train workers on the best practices for IT network and system security. And employees should be held accountable for careless errors. Anyone who absent-mindedly leaves the door to a building unlocked should not be trusted with the keys. The employee who fails to secure the network out of carelessness should be of equal concern.
Some people take their social or political causes very seriously. That could include committing cybercrime. The word hacktivist combines the concepts of hacking and activism to describe a person who would break into computer systems to influence policy and bring about change. It can actually be a form of online protest. A related practice is doxing, where private contact information of political figures or opposing activists is released to the general public, making the targets vulnerable to further activist protests.
Teenage hackers in their basements might be skilled in various technologies, but very often they just run canned scripts that are readily available on the internet or the dark web. The term script kiddies describes people who gather and execute programs written by others without necessarily knowing much about the underlying code. These threat actors may see it all as a challenging game for bragging rights with friends or online group associates. The attacker may send a barrage of scripts to a variety of targets to increase chances of success.
Dealing with security threats is no small exercise, especially when you consider the many possible sources of attack. Your company’s IT security plan should account for all the types of threat actors that may have your IT environment in their sights. Knowledge is power, and knowing all you can about security threat sources will enable you to provide greater protection for your systems.