Technical risks

- [Instructor] You now know who the threat actors are, but do you know some of the tactics that they leverage? While companies are always implementing controls to protect against the bad guys, the bad guys are always trying to stay one step ahead. Let's dive a bit more into some of the methods the cyber criminals utilize to gain unwarranted access. First up is advanced persistent threat, also known as APT. According to Kaspersky, APT uses continuous clandestine and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period of time, with potentially destructive consequences. They are stealth and may access a network and lay dormant for a while before they strike, or they may be in a network for months or even years, siphoning information undetected. Think of it like if your home had termites. You would assume your home was built to be safe from the risk, and once they were in, you likely wouldn't know before it was too late and the damage was done. A botnet is a group of computers or other internet-connected devices being controlled in unison to perform malicious acts. Botnets have also been referred to like zombies in that once they are infected, they no longer have a mind of their own but instead are being manipulated to perform specific tasks to take down others. The same is true for botnets. Once controlled, they may propagate viruses, malware, and even conduct DDoS attacks against others. Oftentimes, without the knowledge of the owner of said device. So what are these DDoS attacks that botnet can perform? DDoS, also known as distributed denial of service, is when a threat actor intentionally floods a server beyond its capacity to the point it essentially breaks and/or others can't access the site or service. Similar to when people try to call a phone number, but too many people are trying to also call at the same time, so they keep getting a busy signal. And they can't get through. However, the differentiator in this attack scenario here is that this is done with malicious intent. Malware is a term that is actually two words combined to create a new word, malicious software, AKA malware. Malware is software that is designed specifically with the intent of performing malicious tasks and wreaking havoc on computer systems by gaining unwarranted access, disrupting service, and even purposefully causing damage via viruses, Trojans, and more. A virus is a very specific version of malware that can self-replicate and spread. A computer virus is similar to a virus in people that can actually make them sick. The more things it comes in contact with that don't have the proper protection in place, the more it will propagate and infect, though the damage may differ. Though a virus is just one of many forms of malware, it is often the one we hear the most because it is the most common.