The threat to information systems is both internal, such as the disgruntled or greedy employee; and external, as typified by hackers or crackers. We should dismiss the notion that hackers are only geeky 14 year olds trying to crack one computer at a time as an indoor sport. Many of todays hackers are far more advanced in computer skills. Using hacking tools available on the Internet, these hackers are capable of running automated attack applications against thousands of host computers at a time to identify security weaknesses.
Cyber Terrorism: A Growing Threat
The expansion of the Internet has opened the door to a dangerous new form of political protest. As Internet access increases exponentially around the world, hacktivists, or hacker activists, and cyber terrorists are using the Internet to launch politically motivated cyber attacks with increasing frequency and effect. In hopes of gaining political influence, hacktivists may hold virtual sit-ins, visiting a site en mass in order to shut it down, email bomb an inbox and form a virtual blockade, or deface web pages and post messages of political protest. Information security experts fear that cyber terrorists may use similar tactics to attack the critical infrastructure of the United States, causing anything from economic instability to the loss of human life. Many fear that, because of high visibility and name recognition throughout the world, United States government, cultural, or corporate sites are particularly vulnerable to attack. Furthermore, perceived positions on certain issues or support of certain groups may make these sites targets in conflicts which do not even directly concern them.
Insider Hacking Threat Increases
When someone cracked an Internet Service Provider's (ISP) computer system, altered customer accounts and deleted databases, the ISP did not need to look far to find the attacker. It wasn't a criminal outfit seeking credit card numbers, nor was it a whiz kid hacking for the challenge of it, instead, it was a former computer administrator for the ISP who had been unhappy and quit. Federal investigators say this type of computer crime is on the rise. As the number of layoffs increases at technology companies, a growing number of disgruntled and fired employees are hacking into their company's systems for revenge. Often times, system administrators are among the last to find out that an employee has been laid off. As a result, terminated employees retain their user privileges and use them to access company resources. Authorities emphasize the notion that companies should keep track of not only who they hire, but of who they fire. These terminated employees should be stripped of their physical and computer access identification at the time of termination to minimize retribution opportunities.
Don't let this be you!