Deep Dive: An Introduction to Cybersecurity—Part Two

Executive Summary

• In Part One of this Deep Dive report, we provided a summary of the current cybersecurity environment and discussed its components.
• Here in Part Two, we discuss the components and characteristics of an advanced attack, the different types of attacks and vulnerabilities, and the different types of hackers.
• An advanced attack comprises four stages: infection, persistence, communication, and command and control.
• Advanced persistent threats are designed to remain undetected and to operate over a long period, slowly accumulating data from servers and databases, aggregating it, and then sending it in a burst to a remote server.
• Types of attacks include malware, spam, botnets and ransomware, and hackers can take advantage of vulnerabilities in systems, such as the use of weak or common passwords, in order to wage attacks.
• The typical hacker is not some 15-year-old working at his bedroom desk, as we might imagine. Rather, there are a variety of hackers, who are categorized by the color of “hat” they wear, which corresponds with their presumed motivation. There are also organized crime and state-sponsored hackers. The dark web has emerged as a marketplace for stolen personal information.
• Fortunately, a powerful cybersecurity industry has emerged, and many private and public companies now specialize in providing targeted hardware and software solutions to thwart and minimize the impact of cyberattacks. Venture capital investment in the space is also healthy, keeping the level of innovation high.