Part 1: Everyday Cyber Threats We Can’t Ignore

Wednesday, January 21, 2026

PERSPECTIVES FROM THE CAMPUS

One of the strengths of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the colleges, universities, and other institutions of higher education throughout our state. Hence the name “Perspectives from the Campus”: we invite experts – immersed in the pursuit of educating their students – to offer their knowledge for finding solutions in cybersecurity that benefit all Hoosiers.

In the latest installment of this series, David Dungan, who serves as the executive director at the Center for Security Services and Cyber Defense at Anderson University, shares his perspective in the first of a two-part blog series highlighting some of the “everyday” cyber threats we can’t ignore and why it’s important that we pay attention to every click we make.

And be sure to come back on Friday, January 23rd for part two of the series, as he examines what’s involved with advanced persistent threats (APTs) and what some of these hackers might try to pull off in 2026.

By David Dungan

When people think of cyber threats, they think of shadowy government hackers or elite cybercrime groups searching for and creating new vulnerabilities. In reality, the greatest threats come from known vulnerabilities, as they are often considered easy targets for the everyday cyber villains that we’re more likely to encounter.

Script Kiddies

These hackers get their name from their use of readily available exploits to carry out cyberattacks, while lacking the sophistication to find new vulnerabilities. A common example of this is using tools like Masscan, Nmap, and Netcat to scan for open ports to exploit. Recently, advances in AI have helped them “tune up” malicious code to try to bypass detection systems. It’s important to be thorough and disable unnecessary services, and to turn on automatic patches so these exploits are less likely to be successful.
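As an added example (not part of the original post), one way to find unnecessary exposed services is to compare a host's listening TCP sockets against an allowlist of ports it is meant to expose. The sample `ss -tlnH` output and the allowlist below are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output (listening TCP sockets, no header).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 32 0.0.0.0:21 0.0.0.0:*
LISTEN 0 5 [::]:23 [::]:*
LISTEN 0 128 [::1]:6379 [::]:*
"""

# Assumed policy: the only ports this host is supposed to expose to the network.
ALLOWED_EXPOSED_PORTS = {22, 443}


def parse_listeners(ss_output):
    """Return (address, port) pairs from `ss -tlnH` style lines."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
        if host == "*":
            host = "0.0.0.0"  # some ss versions print * for the wildcard address
        if port.isdigit():
            listeners.append((host, int(port)))
    return listeners


def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unparseable address: treat as exposed (fail closed)


def unexpected_exposed(ss_output, allowed_ports):
    """Ports bound to a non-loopback address that are not on the allowlist."""
    found = {port for host, port in parse_listeners(ss_output)
             if not is_loopback(host) and port not in allowed_ports}
    return sorted(found)


if __name__ == "__main__":
    for port in unexpected_exposed(SAMPLE_SS_OUTPUT, ALLOWED_EXPOSED_PORTS):
        print(f"port {port}: reachable from the network but not allowlisted")
```

Services bound only to loopback (the database and cache in the sample) are not reported, since they are not reachable by a network scan.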

Ransomware-as-a-Service

Ransomware-as-a-Service (RaaS) is a version of Malware-as-a-Service (MaaS), a cybercrime business model that mirrors the legitimate Software-as-a-Service (SaaS) model (an image taken from Microsoft’s 2022 Threat Report illustrates how it works).

This service also offers the development of sophisticated ransomware tools and infrastructure, making them accessible to individuals and groups, known as affiliates, who want to launch attacks. This makes cybercrime accessible to those with limited skills, allowing them to execute attacks for money. Some consequences of easily accessible RaaS attacks are increased frequency, greater scale, and impacts on various sectors. The lower entry barrier for attackers and the continued evolution of RaaS tools make detection difficult. Other examples of MaaS include cryptojacking, info stealers, and botnets.

Hacktivists

Hacktivists, whether individuals or groups such as LulzSec or Mr. Hamza, hack for a cause rather than for the money.

With motivations ranging from political and social activism to environmental advocacy, more than half of their attacks are distributed denial of service (DDoS) attacks, but there has also been an increase in attacks on energy and utility infrastructure.

Insiders

Employees and inside threat actors account for roughly 60 percent of insider cyber incidents. Employees can compromise security knowingly or unknowingly. A widely known example of this is clicking on malicious links, but poor access control can also increase the risk of insider data theft.

While it is not an incredibly sophisticated tactic, employees are seen as the biggest weakness, and attackers often try to exploit it to gain initial access or valuable information. To mitigate this vulnerability, companies and organizations are advised to adopt tight role-based access control (RBAC), which, when used with strict authentication measures, ensures that only those with access can view confidential data. Constant security monitoring can also be used to reduce the likelihood of insider threats.

Cyber threats come from many sources, and it only takes one click on a malicious link or one lazy configuration to give attackers an opening. As such, adopting a zero-trust mindset is important to keep up with the new cyber threats emerging every day.