Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits. Anti-spam check. Do not fill this in!== Sources of cyber threats == There are a variety of sources of cyber threats, including<ref>[[GAO]] analysis based on [[data]] from the [[Director of National Intelligence]], [[Department of Justice]], the [[Central Intelligence Agency]], and the [[Software Engineering Institute]]’s [[CERT Coordination Center]].</ref>: * '''[[botmaster|Botnetwork operators]]''' — [[botmaster|Botnet operators]] use a [[network]], or [[botnet]], of [[compromise]]d, [[remote control|remotely controlled]] [[system]]s to coordinate [[attack]]s and to [[distribute]] [[phishing]] schemes, [[spam]], and [[malware]] [[attack]]s. The services of these [[network]]s are sometimes made available on underground markets (e.g., purchasing a [[denial of service attack]] or [[server]]s to relay [[spam]] or [[phishing]] [[attack]]s). * '''Business competitors''' — Companies that compete against or do business with a target company may seek to obtain [[sensitive information]] to improve their [[competitive advantage]] in various areas, such as pricing, manufacturing, product development, and [[contract]]ing. * '''Criminal groups''' — Criminal groups seek to [[attack]] [[system]]s for monetary gain. Specifically, organized criminal groups use [[spam]], [[phishing]], and [[spyware]]/[[malware]] to commit [[identity theft]] and [[online fraud]]. International corporate spies and criminal organizations also pose a threat to the United States through their ability to conduct [[industrial espionage]] and large-scale monetary [[theft]] and to hire or develop [[hacker]] talent. * '''Foreign nation states''' — [[Foreign intelligence service]]s use cyber tools as part of their [[information gathering]] and [[espionage]] activities. Also, several nations are aggressively working to develop [[information warfare]] doctrine, programs, and capabilities. Such capabilities enable a single entity to have a significant and serious impact by disrupting the supply, communications, and economic [[infrastructure]]s that support military power. According to the [[Director of National Intelligence]], a growing array of state and nonstate adversaries are increasingly targeting — for [[exploitation]] and potentially [[disruption]] or destruction — [[information infrastructure]], including the [[Internet]], [[telecommunications network]]s, [[computer system]]s, and [[embedded]] [[processor]]s and [[controller]]s in critical industries." * '''[[Hacker]]s''' — [[Hacker]]s break into [[network]]s for the thrill of the challenge, bragging rights in the [[hacker community]], revenge, [[stalking]] others, and monetary gain, among other reasons. While gaining [[unauthorized access]] once required a fair amount of skill or [[computer]] knowledge, [[hacker]]s can now [[download]] [[attack script]]s and [[protocol]]s from the [[Internet]] and launch them against victim [[site]]s. Thus, while [[attack tool]]s have become more sophisticated, they have also become easier to use. According to the [[Central Intelligence Agency]], the large majority of [[hacker]]s do not have the requisite expertise to threaten difficult targets such as critical U.S. networks. Nevertheless, the worldwide population of [[hacker]]s poses a relatively high [[threat]] of an isolated or brief disruption causing serious damage. * '''[[Hacktivist]]s''' — Those who make politically motivated attacks on publicly accessible [[web page]]s or [[e-mail server]]s. These groups and individuals overload [[e-mail server]]s and [[hack]] into [[website]]s to send a political message. * '''[[Insider]]s''' — The disgruntled [[insider]], working from within an organization, is a principal source of [[computer crime]]s. [[Insider]]s may not need a great deal of knowledge about [[computer]] [[intrusion]]s because their knowledge of a victim [[system]] often allows them to gain unrestricted [[access]] to cause damage to the [[system]] or to steal [[system]] [[data]]. The [[insider threat]] also includes contractor personnel. * '''International corporate spies''' — International corporate spies pose a threat to the United States through their ability to conduct economic and industrial espionagea and large-scale monetary theft and to hire or develop hacker talent. * '''[[Phisher]]s''' — Individuals, or small groups, execute [[phishing]]] schemes in an attempt to [[identity theft|steal identities]] or [[information]] for monetary gain. [[Phisher]]s may also use [[spam]] and [[spyware]]/[[malware]] to accomplish their objectives. * '''[[Spammer]]s''' — Individuals or organizations distribute [[spam|unsolicited e-mail]] with hidden or false information in order to sell products, conduct [[phishing]] schemes, [[software distribution|distribute]] [[spyware]]/[[malware]], or [[attack]] organizations (i.e., [[denial of service attack]]). * '''[[Spyware]]/[[malware]] authors''' — Individuals or organizations with [[malicious intent]] carry out [[attack]]s against [[user]]s by producing and [[software distribution|distributing]] [[spyware]] and [[malware]]. Several destructive [[computer virus]]es and [[worm]]s have harmed [[file]]s and [[hard drive]]s, including the [[Melissa virus]], the [[Explore.Zip worm]], the [[CIH (Chernobyl) virus]], [[Nimda worm]], [[Code Red]], [[Slammer worm]], and [[Blaster worm]]. * '''[[Terrorist]]s''' — [[Terrorist]]s seek to destroy, incapacitate, or exploit [[critical infrastructure]]s to threaten [[national security]], cause mass casualties, weaken the U.S. economy, and damage public morale and confidence. However, traditional [[terrorist]] [[adversaries]] of the United States are less developed in their [[computer network]] capabilities than other [[adversaries]]. [[Terrorist]]s likely pose a limited cyber threat. The [[Central Intelligence Agency]] believes [[terrorist]]s will stay focused on traditional [[attack]] methods, but it anticipates growing cyber threats as a more technically competent generation enters the ranks. Summary: Please note that all contributions to the The IT Law Wiki are considered to be released under the CC-BY-SA Cancel Editing help (opens in new window) Retrieved from "https://itlaw.wikia.org/wiki/Cyber_threat"