search

Who is a threat agent?

1 years ago
Komentar: 0
Dibaca: 133

By Matthew Lamb, Managing Director

I recently took a course on Managing Cyber Security Risk because it is an ever-present issue that all organisations, both large and small, face these days. Of course I took away many learnings, but I wanted to talk about one particular issue today; the number of ‘Threat Agents’ that are out there that we need to be conscious of when considering cyber security, or, more properly, undertaking a risk assessment. Naturally it will depend on what your organisation does as to the relevance, and therefore risk, of the list below but one thing that is certain is that the likelihood is very high of one of them affecting the confidentiality, integrity or availability of your data.

Threat Agents:

1. Nation States

Those companies that operate in certain sectors, e.g. telecoms, oil & gas, mining, power generation, national infrastructure etc., may find themselves a target for foreign nations either to disrupt operations now, or to give that nation a future hold in times of adversity.

We have heard many examples of this from the alleged Russian interference with the US Presidential elections, to Sony claiming that North Korea had been responsible for their sites being hacked in 2014 and more recently the concerns about Huawei providing 5G networks because of the possibility of them passing information to the Chinese government.

2. Non-target specific (Ransomware, Worms, Trojans, Logic Bombs, Backdoors and Viruses perpetrated by vandals and the general public).

There are so many times that companies have said to me “Oh we’re not going to be a target for hackers because….” But the number of random attacks that are going on every day is so vast (there are no accurate statistics on this to share here) that every and any organisation can become a victim.

The most famous example of a non-target specific attack is the WannaCry ransomware incident that affected over 200,000 computers in 150 countries. In the UK it shut down the NHS for several days. And, of course, there is the bored teenager in a loft somewhere just trolling the internet to find a weak link.

3. Employees and Contractors

Machines and software programmes are quite good at protecting against malware, unless it is a Zero-day virus. It is humans that are often the weakest link in the security system, either maliciously or accidentally.

Common mistakes such as sending an email to the wrong person happen but usually we realise the mistake quickly and are able to rectify the situation. Simple measures such as password protecting files can also help to mitigate the effects of such mistakes.

However unfortunately there are also disgruntled people out there who purposefully harm organisations from the inside. Recently Morrisons supermarket faced a case where a disgruntled internal auditor downloaded payroll and other HR personal data and published it on the internet. The ex-employee was convicted and sent to prison, but Morrisons was also fined because it did not have the proper technical and organisational measures in place to prevent this act (note that Morrisons is currently appealing against the fine).

There are also times when organisations need specialist help and so engage contractors, or external agencies, who need some access to their systems, or data. It is often these third parties that can cause a problem because they may not have the same levels of security on their devices that have access to the controller’s data.

4. Terrorists and Hacktivists (political parties, media, enthusiasts, activists, vandals, general public, extremists, religious followers)

Rather like the threat caused by nation states, it does depend on your activities as to the level of threat these agents pose. However some terrorists look to target certain industries or countries so there could be a persistent threat of a random attack against you.

Perhaps the most famous example of this would be the Wikileaks revelations in 2010 publishing over diplomatic cables and other documents relating to the conflict in Iraq and Afghanistan.

5. Organised crime (local, national, transnational, specialist)

Criminals are targeting personal data for a number of different reasons; credit card fraud, identity theft, bank account fraud and so on. These crimes are now being perpetrated on an industrial scale. Methodologies vary from phishing attacks to ‘Watering Hole’ websites, but the end result is the same; you and your data are being extracted and used for nefarious means.

According to the Credit Industry Fraud Avoidance (Cifas) 2018 Fraudscape report, the number of identity frauds increased once again in 2017, with almost 175,000 cases recorded. Although this was only a 1% increase compared with 2016, it’s a 125% increase compared with 10 years ago and 95% of these cases involved the impersonation of an innocent victim.

6. Natural disasters (fire, flood, earthquake, volcano)

Whilst not a cyber attack, these events can have the same net effect to your ability to do business. If you cannot access your offices, data centres, or files stored on the cloud, then you are still experiencing a data disaster, and this must be taken into account. In the UK the threat of earthquake is very low, but every year we see pictures of a town or city under water.

7. Corporates (competitors, partners)

The threat from a competitor stealing your intellectual property is obvious, but we are increasingly working with many partner organisations to fill gaps in skills and resources, or simply to provide services. These partner companies may steal, or reveal, your intellectual property, or the personal data you are storing, either unwittingly, or maliciously, depending on their motives.

Perhaps the example that exemplifies how partner organisations can be the cause of a breach is the attack on the US retailer Target in 2013. The hackers targeted (excuse the pun!!) suppliers and found a weak link with an HVAC contractor, Fazio Mechanical. By sending a phishing email to a Fazio employee, the hackers were eventually able to access Target’s point-of-sale systems.  This gave them access to up to 40 million credit and debit cards of shoppers who had visited its stores during the 2013 holiday season. This has cost Target over $200m.

So what can you do about the risk of cyber attacks?

The obvious first step is to undertake a risk assessment on your current status and then to update it whenever this business-as-usual situation changes, e.g. moving into a new country, engaging a new supplier etc. Organisations also need to be managing their data security with a proper management system that reports on what threats it currently faces, and how it is defending against them, as well as scanning the environment for new threats.

Referring back to the GDPR, it constantly mentions implementing “technical and organisational measures” to ensure data privacy and security. Many organisations only rely on their technical measures (firewalls, anti-virus systems etc.) for protection and forget the organisational measures that also need to be implemented (training, access control reviews, business continuity plans, personal data breach plans, policies and procedures, contracts etc.). These organisational measures are critical because it is often the humans that make the mistakes; sending emails to the wrong person, clicking on phishing links, downloading personal data, or forgetting to properly implement the “joiners, movers and leavers” HR processes.

The Data Guardians has extensive experience in advising companies on data protection and data security risk management as well as helping companies to identify and implement the correct, and appropriate, technical and organisational measures, including conducting due diligence on the information security and GDPR compliance status of your data processors.

For more information please email us at 

Who is a threat agent?

A threat agent is an active entity motivated to attack our mobile devices and activities. We may identify threat agents as specific organizations or individuals, like Anonymous, or we may classify them by goals or methods of operation (MOs). For example, shoplifters are a class of threat agent that attacks retail stores.

[This post is another piece of text I’m writing as part of a mobile security writing project. It was originally part of another post, but it can stand on its own.]

A threat agent has the following properties:

  • A set of goals – these may be political, financial, religious, or reflect other personal or community values.
  • A level of motivation – these indicate the types of risks  the agent is willing to take and levels of damage willing to cause in pursuing the goals. These are discussed below.
  • Assets and resources – these indicate the types and amount of effort the agent may expend. Effort may be spent on training or collecting data for an attack as well as the costs of the attack itself.
  • Method of operation/MO – these are the typical features of the agent’s attacks.

The levels of motivation contain two scales. The lower three levels reflect risks in typical social environments, like households or small businesses. The higher three levels represent risks faced in the world at large.

  • Unmotivated – Potential threat agents are not at all motivated to attack.
  • Scant motivation – Threat agents may take advantage of unprotected assets if the risk of detection are small. Attacks won’t occur unless they can succeed with little or no effort or sophistication.
  • Stealth motivation – Threat agents may be motivated to invest in and use established techniques to attack assets, as long as the risk of detection is small.
  • Low motivation – willing to cause detectable damage of limited scope.
  • Moderate motivation – willing to cause damage, though not to cause significant damage or serious injury to people.
  • High motivation – willing to cause significant damage, including death or serious injury of people.

The higher three risks match those in the Risk Management Framework (RMF) developed by the U.S. National Institute of Standards and Technology (NIST) for assessing risk in U.S. government systems.

Q&A Who

Pos Terkait

Who pays the most taxes rich or poor
Who pays the most taxes rich or poor

What is cucumber in spanish
What is cucumber in spanish

What is defined as the amount of force that can be created by a muscle or group of muscles endurance strength power hypertrophy?
What is defined as the amount of force that can be created by a muscle or group of muscles endurance strength power hypertrophy?

What is an emotional reaction that is similar to the reaction being experienced by another person known as?
What is an emotional reaction that is similar to the reaction being experienced by another person known as?

Why would the nurse use a doppler unit to assess pulse?
Why would the nurse use a doppler unit to assess pulse?

No gráfico abaixo está representada uma função polinomial do 1o grau qual é a raiz dessa função
No gráfico abaixo está representada uma função polinomial do 1o grau qual é a raiz dessa função

What are the 4 types of financial institutions?
What are the 4 types of financial institutions?

When a girl asks what are you looking for in a relationship
When a girl asks what are you looking for in a relationship

What are the 3 types of independent agencies?
What are the 3 types of independent agencies?

Was ist botanisch gesehen der unterschied zwischen stacheln und dornen
Was ist botanisch gesehen der unterschied zwischen stacheln und dornen

Periklanan

BERITA TERKINI

Apakah fungsi data cleaning dalam python?
1 years ago . by UndiscoveredDucking
Cara cek kartu kredit bca aktif atau tidak
1 years ago . by MythicalCoverage
Cara menggunakan setcookie not working javascript
1 years ago . by DrabServitude
Cara menggunakan fungsi struktur html
1 years ago . by ParticipatingAdvert
Which MySQL edition used for physical backup?
1 years ago . by HeedlessLikeness
Php imagemagick pdf ke png kualitas tinggi
1 years ago . by QuietRegularity
Cara menggunakan python raise typeerror
1 years ago . by DifficultImmunization
Cara mengisi game di ps 3
1 years ago . by VeterinaryReviewer
Bagaimana Anda memeriksa apakah saya sudah menginstal mysql?
1 years ago . by PriestlyDonkey
Mengapa gambar tidak ditampilkan di html?
1 years ago . by High-qualityWidget

Toplist Popular

#1
Top 7 os elementos da paisagem descritos no texto correspondem a aspectos biogeográficos presentes na 2022
1 years ago
#2
Top 6 a energia nuclear é uma alternativa aos combustíveis fósseis que, se não gerenciada de forma correta 2022
1 years ago
#3
Top 6 a persistência das reivindicações relativas à aplicação desse preceito normativo tem em vista 2022
1 years ago
#4
Top 7 wie viele zigaretten sind ein shisha kopf 2022
2 years ago
#5
Top 7 wie viel kostet eine badewanne voll wasser 2022
2 years ago
#6
Top 8 golf 7 standheizung fernbedienung anlernen 2022
2 years ago
#7
Top 8 sky receiver aufnehmen nicht möglich ohne abo 2022
2 years ago
#8
Top 5 einhell kgsz 300 ug sägeblatt wechseln 2022
2 years ago
#9
Top 7 renault clio 3 abblendlicht wechseln anleitung 2022
2 years ago
#10
Top 8 outlook diese datendatei ist mit einem e-mail-konto verbunden 2022
2 years ago

Periklanan

Terpopuler

Periklanan

Tentang Kami

Legal

Dukungan

Social

homeentrdeptjp
Copyright © 2024 membukakan Inc.