11/19/21, 12:43 AM Cybersecurity Threat Landscape

11/19/21, 12:43 AM Cybersecurity Threat Landscape
https://learn.umgc.edu/d2l/le/content/681415/viewContent/24346874/View 1/2
Cybersecurity Threat Landscape
The “cybersecurity threat landscape” is a phrase that is used to describe nefarious
cyber actors, and the tools, tactics, techniques, and vectors they use to achieve
objectives. Cyber threats are dominating the news coverage and are as ubiquitous in
organizational discussions as the financial balance sheet. In fact, cyber threats rank as
one of the top threats identified by the United States government.
According to a February 2018 report from the Office of the Director of National
Intelligence, Daniel Coats: “The potential for surprise in the cyber realm will increase in
the next year and beyond as billions more digital devices are connected—with relatively
little built-in security—and both nation states and maligned actors become more
emboldened and better equipped in the use of increasingly widespread cyber toolkits”
(Coats, 2018).
We will begin by reviewing current trends in threat vectors, or the means by which the
cyber actors exploit the user and organization. Then, we will review the known
advanced cyber actors, which are called advanced persistent threats (APTs).
Understanding how these advanced actors operate, what they typically target, and the
vectors by which they exploit to achieve their objectives will lead to a better chance of
limiting their impact on the organization.
Cybersecurity Threat Vectors
Threat vectors, like the technology they take advantage of, are constantly evolving. For
example, just a few years ago we saw a shift in cybersecurity threats toward connected
devices. Why the shift? The connected devices were considered low-hanging fruit.
They included everything from traditional devices (routers) to modern devices
(microwaves) that were previously not connected to the internet. As the internet of
things (IoT) evolves and grows in size, cybersecurity threat actors take advantage.
Devices such as thermostats or other IoT devices often have no underlying security
mechanisms or controls.
Beyond connected devices, ransomware has also become a problem for many
organizations. Ransomware is like malware, but has a different intent. With
ransomware, the threat actor is typically after some form of ransom, such as money.
Learning Resource
11/19/21, 12:43 AM Cybersecurity Threat Landscape
https://learn.umgc.edu/d2l/le/content/681415/viewContent/24346874/View 2/2
The threat actor will typically gain access to the organizational information systems just
as in any other cybersecurity vulnerability, but instead of stealing or deleting
information, the threat actor may encrypt the data at rest and threaten to destroy (or
release) it unless a ransom is paid. Several health care facilities have had their data
hacked with ransomware. These situations will continue to evolve as the underlying
technology and the way we use it evolves.
Advanced Persistent Threats
An advanced persistent threat (APT) is similar to any other cyber threat actor except
for that APTs are able to stay undetected for a long time. They may use the same threat
vectors to acquire access to the organization, but detecting them is more difficult. Also,
the intent of an APT is usually to monitor or steal information as opposed to destroying
or holding data ransom.
What makes APTs so difficult to detect is their advanced capabilities. They often have
many more resources than a traditional threat actor. Thus, their tools, tactics, and
techniques are more advanced. An example of a APT technique would be obfuscation.
Obfuscation is the process of converting something to a form where the meaning and
purpose is less apparent. It is the practice of making something difficult to understand;
thus, attributing a cyber incident to the originator is more difficult. For example,
someone placing a malicious executable file into a system but changing the file name
so it appeared to be a text file would be an example of obfuscation.
References
Coats, D. (2018). Worldwide threat assessment. Office of the Director of National
Intelligence. https://www.dni.gov/files/documents/Newsroom/Testimonies/2018-ATA-
–Unclassified-SSCI.pdf
© 2021 University of Maryland Global Campus
All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or
integrity of information located at external sites.