Cyberattacks

Cyberattacks refer to attacks launched against computer systems, networks, and infrastructure with the intention of committing theft of sensitive data, gaining unauthorized access, and sniffing passwords. These attacks are implemented by individuals, groups, or states and may use malicious software like viruses and worms. The problem of cyberattacks has been acknowledged by the National Institute of Standards and Technology (Johnson et al., 2016).

Cyberattacks have increased in frequency and sophistication, resulting in significant challenges for organizations in defending their data and systems from capable threat actors. These actors range from individual, autonomous attackers to well-resourced groups operating in a coordinated manner as part of a criminal enterprise or on behalf of a nation-state. These actors can be persistent, motivated, and agile, and they employ a variety of tactics, techniques, and procedures (TTPs) to compromise systems, disrupt services, commit financial fraud, and expose or steal intellectual property and other sensitive information. (p. 1)

Cyberattacks can be prevented or their risks minimized if organizations that have faced attack share information with others so that they can deploy resources to combat the threat.

References

Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Computer security: Guide to cyber threat information sharing: Special Publication 800-150, 2nd draft. National Institute for Standards and Technology. http://csrc.nist.gov/publications/drafts/800-150/sp800_150_second_draft.pdf

Check Your Knowledge

Question 1
True or false: Cyberattacks are always made by one person.
True
False
Question 2
A cyberattack cannot be called which of the following?
a cyberattack
cyberespionage
cybergaming
cyberterrorism
Question 3
True or false: Cyberattacks always exploit known vulnerabilities.
True
False