Page 105 - Data Science class 11
P. 105

1.5.2 What is an outsider threat?
            Outsider threats are those that come from outside of the organisation. They can be from hacktivists, other countries,
            white hat hackers or even competitors. Outsiders are the ones who have ill intentions, but they don't have any sort of
            access. Network restrictions are usually powerful enough to deny access.
            Threats from outside the organisation may include hackers, cybercriminals, competitors, or any malicious person who
            is not associated with the organisation.
            These external attacks are often financially motivated, such as ransomware attacks, wherein malware is installed on
            devices containing organisation’s data. This data is then encrypted. It can only be accessed when a considerable
            amount of money is paid to the attacker.
            Attacks made by adversaries might not have direct access
            to any of the authorised nodes in the network. However,
            the adversary may have access to the physical medium,       An adversary is a malicious entity that is unauthorised
            particularly if we are dealing with wireless networks.      to access or alter information and works against any
            Most organisations have in store a lot of sensitive data that   protections afforded the information.
            could be very important and possibly damaging to the
            company's reputation if it was leaked to the outside world. Such sensitive data may include:
               • Trade secrets and intellectual property
               • Regulated data
               • Sensitive data
               • Information about products and internal research

               • Financial and personal staff information
               • Source code
               • Business plans and other sensitive corporate information.
            However, not every cybercriminal aims to make money. There can be many reasons for data to be valuable. An attack
            mostly occurs to access sensitive data. In such situations, the company realizes the data breach only after the event
            has occurred.

            Sources of Outsider Threat

            Outsider threats include:
               • Hackers at competitions trying to expose vulnerabilities for a prize or reward.

               • Foreign governments trying to gain access to a defense contractor to learn about the latest military technology in
              development.

               • Cybercriminals trying to access financial information for financial gain.

            1.5.3 insiders and outsiders often Work together
            To cause a threat to your organisation’s data, when an outsider does a spear-phishing attack, or your competitor
            sends someone in to impersonate a new employee to gain illegitimate access, there is often conspiring collaboration
            between individuals, inside and outside of an organisation. Most cloud data breaches actually involve a combination
            of both internal and outsider threats, so it is vital to protect data from any attack.

            This can include:
               • Espionage: It basically means to spy on a business to obtain confidential information about its operations. Trespassing
              onto a competitor's property or accessing their files without consent, impersonating an outside worker to know
              company trade secrets and other sensitive information, etc. are the acts of espionage.



                                                                                        Ethics in Data Science  103
   100   101   102   103   104   105   106   107   108   109   110