Cybercriminals: Masterminds Wreaking Havoc in Cyberspace

By Bruce Harmon, Ph.D., Doctoral Chair of Computer Science

In recognition of Cybersecurity Awareness month in October, our faculty offer insights on both policy and technical issues related to cybersecurity. In our third post of the series Stephen Recca, M.A., looked at cybersecurity threats from a policy perspective. In today’s post, Bruce Harmon, Ph.D., looks at the individuals behind cybersecurity threats and the methods they use to wreak havoc.

CTU Information Technology Degree - CybercriminalsJust last week, U.S. Secretary of Defense Leon Panetta, warned Americans of the possibility of a “Cyber Pearl Harbor”, a devastating attack on the computing infrastructure of the United States.  It was a sobering speech to say the least.  That such a high-raking government official should make such a warning at this time is testament to the vulnerability of our computing systems and the technology they control.  He is not the first nor will he be the last to sound the alarm.

There is a tremendous diversity to the threats in the cyber domain and the entities that are behind them. Let’s take a closer look at the individuals responsible for the various threats threatening our cybersecurity.

Hackers
The first group I would call the hackers, individuals that seek to demonstrate that they can cause harm by simple exploitation of vulnerabilities in computer operating systems, networks, and applications.  The hackers often have no other motive than to show that they are clever enough to do it or to expose these vulnerabilities to those who should know better.  Hackers are behind most viruses.

Disruptors
The next level up are those who seeks to disrupt business websites by denial of service attacks.  Usually this is done without attempts to gain or profit, just a desire to cause upheaval.  The individual or group conspires to bombard the relevant servers with an overwhelming number of requests so that the servers cannot service the real customers.   Worms, zombies, and the like are dispersed from numerous computers under either remote control or autonomous operation.

Criminals
Then there are the criminals, often operating an organized crime that seeks to steal identities in order to access sensitive account information and cause transactions for commercial gain.  They might use phishing or social engineering to steal account names and passwords before proceeding to exploit that information.

Infiltrators
We should not leave out groups that seek to infiltrate organizations to find information that could then be made public for the purpose of embarrassing the penetrated organization.  WikiLeaks < http://en.wikipedia.org/wiki/WikiLeaks> is a well-known ring leader in this realm.

Enemies
Finally, there are the nations that conspire for espionage or outright intent to damage another nation.  A nation or nations were believed to be behind the cyber attack on the Iranian nuclear program.  This attack demonstrated that even the localized programmable logic controllers that manage low-level processes can be attacked by propagation of worms over the Internet until they are resident on the actual computers that serve such controllers.

To Secretary Panetta’s point, it certainly seems a question of when rather than if an attack will be turned against the United States. Next week, Stephen Recca will offer his thoughts on U.S. Government’s response to these potential threats, as well as the necessary resources and capabilities to address them.

Image source: Dreamstime.com

 

CTU Faculty - Bruce HarmonBruce Harmon, Ph.D., is the University Doctoral Chair of Computer Science at Colorado Technical University. He earned a Ph.D. in Electrical Engineering with a minor in Computer Science from the University of Colorado and his M.S. in Aeronautical Engineering from Purdue University. He earned a B.S. in Aeronautical Engineering at the United States Air Force Academy. After 9 years in the Air Force, he worked in defense and later at top-tier commercial companies for 17 years both in research and executive leadership positions. Learn why he’s IN.
NCSAM


Terms and Conditions By providing your mobile number, you agree to receive text messages from Colorado Tech via its mobile text message provider.  You may opt out of receiving messages by texting the word STOP to 94576, or simply reply with the word STOP to any text message you receive from Colorado Tech. While CEC or its mobile text message provider will not charge end users for receiving/responding to promotional messages, depending on the terms of your mobile phone plan, you may incur a cost from your mobile service carrier to receive and respond to any promotional text messages (standard messaging and data rates/fees and other charges may apply).  Charges will appear on your mobile phone bill or will be deducted from pre-paid amounts.  Current participating/supported carriers are: Alltel, AT&T, Boost, Cellcom, Cellular One, Cellular South, Cincinnati Bell, Cricket, Element Wireless, Golden State Cellular, iWireless, Metro PCS, Nextel, nTelos, Plateau Wireless, Sprint, T-Mobile, US Cellular, Verizon Wireless, Viaero Wireless, Virgin, and more.×