Question

Discuss four types of adversaries and their threats to the Blackboard system.

Answer 1

The threats can be grouped into four principle categories:

1. Nation States

These adversaries are highly sophisticated and highly motived. Nonetheless, stealing state secrets from government servers is very difficult, especially compared to compromising a university or private business. Their targets are often organizations with U.S. government contracts or those who engage with foreign governments. Various government actors have shown a keen interest in conducting long-term incursions into businesses, political organizations and research institutes with ties to the U.S. government. They’re after everything from technology secrets to litigation strategies.

2. Multinational Criminal Organizations

Also very sophisticated, multinational criminal organizations have commercialized hacking by developing programs to offer “crime as a service.” They design malware, create botnets, and rent their facilities to others for money making activities, constantly probing at the periphery of major businesses looking for opportunities to steal valuable information, or to demand ransoms of companies in exchange for not taking down websites. It’s essential that enterprise businesses pursue third party risk assessments to identify holes in their defenses.

3. Hacktivists/Terrorists

Although their objectives may be divergent, their approaches are often similar. Hacktivists seek to sow disruption misdirect by planting misleading data or taking down police and government systems.

4. Insiders

The training of your employees is critical for defending against cyber threats. The vast majority of hacks involving employees are the result of a good employee clicking on the wrong thing. Robust employee training programs teaching employees to avoid phishing scams and how to maintain fundamental security practices can greatly reduce risks.

Threats coming from insiders with bad intentions are rarer, but people don’t just do bad things without telegraphing it. Many times, the signs that an employee is planning a breach of the company’s data security are obvious in retrospect, but frontline managers lack the training to spot it. The organization may even lack the framework to report and investigate potential problems from insider threats. Companies should develop insider threat training programs that work, much like workplace violence prevention programs.