Factors Aiding Cyber Attacks

  • Automation:
    • The speed of computers and networks makes cyber attacks easy to launch.
    • Using data mining/AI, it is easy to find the target victim.
  • Action at a distance:
    • Attackers can be far away from their target and still do damage.
    • Interstate/international differences in laws can affect prosecution.
  • Electronic techniques easily transferable/duplicated:
    • Counterfeiting e-money.
    • Attack tools can be created by a single person.
    • Easily modified per situation.

Different Types of Cyber Attacks

Insider Threat

  • As the name suggests, an insider threat does not involve a third party but an insider. In such a case, it could be an individual from within the organization who knows everything about the organization. Insider threats have the potential to cause tremendous damage.

  • Insider threats are rampant in small businesses, as the staff there hold access to multiple accounts with data. There are many reasons for this form of attack: it can be greed, malice, or even carelessness. Insider threats are hard to predict and hence tricky.

  • To prevent the insider threat attack:

    • Organizations should have a good culture of security awareness.
    • Companies must limit the IT resources staff can access according to their job roles.
    • Organizations must train employees to spot insider threats.
  • Top Motivations for Insider Attacks

    • Fraud
    • Monetary gain
    • IP theft (intellectual property theft)
  • Top Insider Threat Actors

    • Privileged IT Users
    • Managers with access to sensitive information
    • Contractors and consultants
    • Employees

Crypto Jacking

  • “Crypto jacking” takes place when attackers gain unauthorized access to someone else’s computer to mine cryptocurrency.
  • The access is gained by infecting a website or manipulating the victim into clicking on a malicious link.
  • Victims are unaware of this because the crypto mining code works in the background; a delay in execution is the only sign they might witness.
  • How to prevent Crypto jacking
    • Update your software and all security apps, as crypto jacking can infect the most unprotected systems.
    • Hold crypto jacking awareness training for employees; this will help them detect crypto jacking threats.
    • Install an ad blocker, as ads are a primary source of crypto jacking scripts.
    • Also use extensions like MinerBlock, which is used to identify and block crypto jacking code.

Hackers

  • A hacker is a technically skilled individual who discovers and exploits weaknesses in a computer network. Depending on a hacker’s intention, they are generally classified as:

    • White Hat: Also known as ethical hackers, they help to remove a virus or pentest a company.
    • Black Hat: These are the ones who steal money or credit card information.
    • Gray Hat: Exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.
    • Script Kiddies: These are hackers in training.
  • Hacker-Powered Security: Companies like Google, Facebook, and Tesla pay hackers millions of dollars annually through “bug bounty” programs to find security flaws in their systems.

  • Darknet Diaries: Hackers often gather on forums and underground communities where they share tools, techniques, and stolen data. Podcasts like “Darknet Diaries” offer fascinating true insights into their lives.

  • The Dark Side of IoT (Internet of Things): Hackers have taken control of baby monitors, fridges, and even smart light bulbs. In one famous case, hackers used a smart fish tank thermometer to breach a casino’s network and steal its database.

  • The Rise of AI Hackers: Hackers are leveraging artificial intelligence (AI) to automate attacks. AI-powered tools can identify vulnerabilities, bypass captchas, and even write phishing emails that are more convincing than ever before.

Need for Ethical Hackers

  • Ethical hackers prevent hackers from cracking into an organization’s network.
  • Ethical hackers discover system vulnerabilities that could otherwise have been missed.
  • Ethical hackers analyze and enhance an organization’s security policies.
  • Customer data in an organization with ethical hackers is protected.

Why do Hackers Hack?

  • GOVERNMENT SPONSORED HACKING
    • Cyber Warfare
    • Cyber Terrorism
    • Espionage
  • INDUSTRIAL ESPIONAGE
    • Attacks on confidentiality
    • Public information gathering
    • Trade secret espionage
  • ELITE HACKERS
    • Publicize vulnerabilities
    • Hacking-Challenge
    • Financial gains
  • SCRIPT KIDDIES
    • Gain Respect
  • INSIDERS
    • Revenge