We're going to take some time now and think about adversaries. Now, what that word means, is someone that is in a sense is your opposing party, someone that may have malicious intent with respect to you. When two groups don't get along, they're called adversaries. When they fight, when they're opposed in some, whatever reason, call them adversaries. And cybersecurity's all about that, right. Cybersecurity is not about a earthquake or an inadvertent piece of code causing a problem. That's not cybersecurity. Cybersecurity is about malicious activities, something that's intentionally done. So I want to talk through really the four types of, quote unquote actors, that are involved in causing problems. Now the first one is what we would call a hacker. Now I believe that most hackers, young people, are mostly of benign intent. I think when people have this joy of breaking into things and learning how they work and piecing them apart and getting in, they do that for love of technology. And I think, certainly the least concerning to me. But I think you have to be careful because hackers can themselves in a lot of trouble when they break into things and maybe inadvertently cause a problem. Certainly along the spectrum, a hacker shouldn't be someone that's helping all of us understand the problems that exist in our system. So that's sort of the first type. The second type is criminal. [LAUGH] So that's a little different, right? Criminals only wants money, they're stealing things. There's no other way to put it. When somebody's stealing your credit cards and putting them up on the dark web or something for sale. I think we all know what the motivation is there, right? It's money. And there's no two ways about it, that is malicious and there's no question that's an adversary, right? I hope none of you are doing anything like that if you are, don't. Law enforcement's getting real good at detecting that sort of thing and crime does not pay so I think that second type a criminal is certainly more malicious. And keep in mind that this is something that, as long as we've had money, we've had crime. The thing that's changed is that money is now online. Your credit card is something you use all the time online. And increasingly you see Bitcoin and things being used. In fact in some later lectures, later in our session I'm going to take you through how block chain works, it's really kind of cool. But at any rate, criminals are the second type. Third would be, politically or philosophically or even religiously motivated hacktivists. So those are groups that have some message that they're really passionate about. And I'll be honest with you, many cases it's a perfect legitimate message. They're people who are outraged at injustices and they use hacking as a way of expressing their outrage. Now I'd be careful as vigilantism is not acceptable in most societies. But it's certainly a third, clear type of malicious actor that we need to be aware of. So this was tough because sometimes like with the group Anonymous. It's probably the most famous group of, say, philosophically motivated hackers. Sometimes they'll do things that you might be agreeing with, cheering on. Other times they might be doing things that you would absolutely not agree with under any circumstances. But it's a more unpredictable group and they certainly have motivations that are a little different. So that's the third. The fourth and most intense is the nation-state actor. This is a tough one. This is when military groups use cyber-hacking, use vulnerabilities in systems, as a means for warfare. For achieving military objectives, this is a disturbing situation. Because these are usually well funded groups with all the resources that are available, lots of time and generally a lot of patience. This is something that we need to be concerned with as a group. If we're all together as a learning community right here in the room I'd make you raise your hand and promise that you're not going to be any of the four there, that you're going to be a defender. I think that's a much more noble pursuit and that's what we'll be emphasizing through these entire sessions. It's more about defense and I want to stay on this point for a minute. Most of you think of cybersecurity as hacking. And I will tell you that it is ten times more difficult to think through defenses than offensive hacking. If you tell me that you can sit around and fiddle around with something and break into it, you've not impressed me at all. But if you tell me that you've come up with a way to protect that system, then you have my attention. And I want that to be something that sinks in. Hacking is not cybersecurity, it's a component. There's no question that there's a place for penetration testing a system, looking for soft spots. But as we've said a couple of times now, testing is a terrible way to demonstrate the absence of a problem, terrible way. Now, a dimension of these four malicious adversaries that we talked about is called attribution. That means, did they care about getting caught? [LAUGH] An attribute attacks to you, then I have this attribution property in your attack. So let's take a little quiz as a group here, just to test our learning with respect to the four types. Again, hacker, criminal, hacktivist, nation-state. Now for those four groups, who do you think would be the most concerned about attribution? Meaning, I don't want to get caught. And who do you think might be the least concerned? Now let's take them in term, hackers. Probably don't want to get caught, right? Probably pretty motivated to not get caught. But there's also the balancing argument they're probably not trying to bring down planet Earth either. So they might be high on the scale of not wanting to be caught. How about criminals? No question about it, they don't want to get caught. That's the whole idea when you're a criminal, you don't want to get caught. In fact, I'd put them as number one in not wanting to get caught. How about the hacktivist, do they care about getting caught? Maybe not, right? If you're trying to get your point across you may be raising your hand saying I did it. That's the whole basis for terrorism, right? Terrorism, for the most part, is not something that you hide from, but rather you accept full attribution for what's going on. So I put that hacktivist in the category of generally being less concerned about getting caught. And then nation-states kind of in the middle there, right? No need to get caught, but if you do get caught, what are you going to come arrest me? If I'm a government, and I'm military, and I go after another country, I may be doing it in full attribution, or I may want to do it quietly. So think about that as we go through the cyber security. Attribution is a much more complex topic. And it's a nice way of helping us to understand the motivation and the techniques used by these different types malicious actors, thanks.
