"Malsubject" (Malicious Subject) is an unauthorized individual or
subject whose activities are intended to break into an Information
System (IS) with malicious intent to compromise the confidentiality,
integrity, or availability of the information of organizations and
individuals. Malsubjects include hackers, cyber-thieves, spammers,
hacktivists, and nation states, among many others.
It is easier to
identify these individuals in the cyber security space by one common
name instead of several, such as bad actors, threat actors, bad guys,
cybercriminals, and others. The term malsubject defines these
individuals regardless of their intended actions. After all, their
intentions are always malicious in nature, no matter who they are or
what we label them.
The term "malware", or Malicious Software, is
defined by the National Institute of Standards and Technology's (NIST)
Glossary of Key Information Security Terms as "a program that is
inserted into a system, usually covertly, with the intent of
compromising the confidentiality, integrity, or availability of the
victim's data, applications, or operating system or of otherwise
annoying or disrupting the victim." Malware by this definition includes
viruses, worms, trojan horses, or other code-based malicious entities that
successfully infect a computer system.
Because "malsubject"
provides an opportunity to identify all types of "cyber bad guys" with a
single term, the term "malware" ought to include, in addition to
malicious programs, malicious hardware (e.g. ATM and gas pump skimmers)
or malicious techniques (e.g. social engineering). Malicious hardware
gets inserted into a system (physically and covertly) with the intent of
compromising the victim's data. Malicious techniques are also used on
individuals with the purpose of tricking them into performing actions or
divulging information in order to gain access to an information system's
data. As a result, I use "malware" in general terms to identify
malicious software, hardware, and techniques used to perform
cyber-attacks.
In the world of cybercrime and cyber warfare, the
fight is always aimed at preventing malsubjects and malware from
penetrating information systems of public and private organizations as
well as individual systems. It is clear that malsubjects using selected
malware can identify, target, and attack all types of IS infrastructure.
Once an attack is successful, the results and consequences of these
malicious actions become a series of unfortunate events played against
individuals and organizations.
Verizon's 2013 Data
Breach Investigations Report (DBIR), the latest edition, stated that the 2012 combined
dataset of security incidents analyzed for the report represented the
largest they have ever covered in any single year, spanning more than
47,000 reported security incidents; 621 confirmed data disclosures; and
at least 44 million compromised records. Unfortunately, these security
incidents will continue to become regular news as malsubjects intensify
their efforts using more and more sophisticated malware. For example,
the recent malsubject attack on the Target Corporation produced a breach
that exposed personal information on millions of its customers.
An
effective cyber defense against attacks from malsubjects requires
technologies, people, and processes capable of preventing or mitigating
the damage caused by their malicious activities. Effective security
controls and security awareness training are the best weapons against
their intrusions.
According to NIST, "using the risk management
tools and techniques that are available to organizations is essential in
developing, implementing, and maintaining the safeguards and
countermeasures with the necessary and sufficient strength of mechanism
to address the current threats to organizational operations and assets,
individuals, other organizations, and the Nation".
Well-implemented
security controls based on appropriate risk management tools
and techniques increase the odds of preventing many of the
cyber-attacks currently affecting information systems and
infrastructures all over the world.
In today's cyberspace,
malsubjects range from a single individual to organized crime groups and
nation states capable of conducting sophisticated cyber-attacks from the
most remote places in the world. All they need is a communication line
to the public internet or private networks and the use of well-crafted
malware to reach their targets. We might not be able to prevent them
from reaching the system boundaries, but with good implementation of
security controls, appropriate risk management tools and techniques, and
constant security awareness training for organizational staff and the
general public, we can slow them down, and someday we might be able to
stop their advances.
By
Felix Uribe