An external threat refers to the risk of somebody from the outside of a company who attempts to exploit system vulnerabilities through the use of malicious software, hacking, sabotage or social engineering.
These can be much harder to deal with than internal threats, as you cannot monitor people from the outside like you can employees, nor can you predict what they might do next.
To better understand external threats, we will learn about what kind of external threats there are and how they function to cause the kind of damage they do.
This lesson we’ll learn about:
- Malicious software (malware)
- Hacking by individuals, companies and governments
- Sabotage by individuals, terrorist organisations, companies and governments
- Social engineering techniques used to deceive people into giving out information
1. Malicious Software
Malicious software encompasses a wide range of software, each of which has the purpose of causing damage to a computer system. Some are less harmful than others, for example, adware, meanwhile, others can render a hard drive inoperable, for example, some viruses.
Below are some examples of the types of malware you can encounter:
- Spyware gathers information on the user it has infected, secretly sending it away to third-party sources – this may be through the use of keyloggers, which get information from what you type, such as passwords.
- Adware displays unwanted advertisements used to generate revenue, sometimes obstructing the user through the use of pop-ups that don’t disappear when you close them.
- Ransomware prevents you from accessing your computer system, often by encrypting the storage devices, and demands a sum of money to be paid in order to gain access back.
- Viruses modify existing programs with malicious code and constantly replicates itself throughout a computer. They usually cause the corruption of data and applications, system failure & take up storage space or processing power.
- Worms perform a similar function to viruses. However, worms can replicate themselves through a network to spread to other computers, rather than through infecting files that are spread. This allows them to perform similar functions to viruses but on a much larger scale.
- Rootkits are used to get unauthorised remote administrator access to a computer or network. They typically spread by hiding in software that appears to offer legitimate functionality. This can then be used to steal data or hide other malware within the system.
- Trojans are malicious code that hides within a seemingly legitimate program. Typically, users are misled and download the Trojan themselves by thinking it’s a program they would like to use.
Now that you know about different types of malware, try and find some infamous examples of malware that has caused damage to users across the globe.
Hacking is a general term that describes the exploitation of vulnerabilities in a computer system to gain unauthorised access to the system and its data. The method of attack is known as the “attack vector” and often involves exploiting vulnerabilities in areas like Wi-Fi, Bluetooth, the internet connection or through gaining internal network access. We’ll learn more about how these are vulnerabilities as we work through this course.
There are a broad range of possible motivations, dependent on whether it is carried out by an individual, company or government.
If carried out by an individual, it is very hard to discern their motivation as it could be anything from profit to protest to recreation. Many hacking groups claim to be performing their actions for a political or social agenda, so-called hacktivists. However, many more will do it simply to cause harm.
Meanwhile, companies and governments are a lot clearer in what they want, that being to evaluate their own weaknesses, to get profit or to gather information.
Companies may use hacking for the purpose of corporate espionage, finding out about their competitor plans, products and finances. While governments may use it for political espionage, spying on their rival countries.
Companies and governments will also hire others to hack themselves. So-called “white hat” hacking, which is used to detect system vulnerabilities so that they can prevent threats from malicious “black hat” hackers.
We mention attack vectors in this lesson, such as Wi-Fi, Bluetooth, the internet connection or through gaining internal network access. Find out more about these attack vectors online. What is easy to exploit about them?
Sabotage is a general term that describes an activity used to deliberately disrupt services, typically through the use of:
- denial of service attacks
- distributing malware
- physically destroy computer equipment.
This can be carried out by individuals, terrorist organisations, companies or governments. However, unlike with hacking where the intention may be more for gaining information, or for nuisance purposes, sabotage is specifically malicious, with the goal of causing damage.
This is clearly with the goal of hindering the victim to perform their normal functions. This can be of a catastrophic impact if proper recovery procedures have not been put in place by those harmed.
There have been numerous allegations against certain countries for hacking other countries’ government institutions. Research into this to discover the scale of some of this hacking.
4. Social Engineering
Social engineering refers to the techniques used to deceive people into revealing private and confidential information. This can then be used for bank fraud & identity fraud or to gain access to systems.
A common form of this is through the use of phishing emails, whereby an email is sent out by a bot or person pretending to be somebody they are not. This email will often ask the user to reply with confidential data or follow a link to a web page. This web page may then request for data to be inputted or will infect the user’s computer with malware.
Even though the phishing attempts tend to be poorly worded, there will be an effort made for the emails and web pages to appear legitimate, and inexperienced computer users can easily fall for them.
Phishing emails are very common, you may find several in your email spam folder. Research some example of phishing emails in the news.
- There are lots of different types of malware that affect users across the globe, such as:
- Spyware which gathers information secretly.
- Adware which displays unwanted adverts.
- Ransomware which prevents access until a ransom is paid.
- Viruses which attach to files and damage the computer.
- Worms which tunnel through a network and damage computers.
- Rootkits which provide unauthorised remote access.
- Trojans which contains malicious code hidden within a seemingly legitimate program.
- Hacking involves exploiting vulnerabilities in computer systems in order to gain unauthorised access.
- This is performed by individuals to cause harm, or for so-called hacktivism. It’s also performed by companies and governments for espionage.
- Sabotage has the aim of deliberately disrupting computer services, such as through denial of service attacks, malware or by physically damaging equipment.
- Sabotage is likely to be carried out by companies, governments, terrorist organisations or something as simple as a disgruntled employee.
- Social engineering involves deceiving people into revealing private and confidential information.
- A common form of social engineering is phishing, which involves a user pretending to be a trusted organisation, asking for another individual’s details.