There is often the misconception that a Cyber attacker is often dressed up in a cloak and dagger kind of clothing, sitting in some far off, remote country like China, Russia, or even North Korea, with a bunch of monitor screens reach to launch their next sophisticated threat.
This image has been primarily fueled by what we see online, and of course what the media reports to us. But far from this, the actual truth is at the new wave of Cyber attacker is actually not even trained in how to launch a Cyber-attack.
Very often, this new breed of hackers are teenagers either in high school or entering college, or even somewhere in their college years.
They may have any kind of major, and heck, they may not even know anything about computers or technology. All they have to do is literally go online, but a Phishing or DDoS kit, and launch a low-level attack that can cause all sorts of damage.
In fact, many of these kits are downloadable, are free, and are also open sourced so that the attack can be further tailored to the whims of the hacker.
This is best exemplified by a recent survey conducted by a government agency based out of the United Kingdom. This study examined 850 separate Cyber-attacks that occurred between 2017 and 2018.
From this study, they found a distinct timing and pattern of when these Cyber-attacks were launched, thus pointing the evidence that it is the students themselves that are the main culprits.
For example, most of these students launched Cyber-attacks occurred primarily between during the normal working day, and during the time of final exams, when the stress level is at its one of its highest levels. But, when it comes to Christmas break or summer vacation (even spring break included here as well), it was discovered that the number of Cyber-attacks dropped dramatically.
This same government agency also studied in detail the Network Infrastructure of the colleges and the universities in the UK that were impacted by these Cyber-attacks. Once again, the forensics evidence showed that the work was done by an amateur, not a “professional” Cyber attacker.
The intent of these student Cyber attackers was not to steal any personal information or data, but rather just to get an “ego boost” by the magnitude of the level of chaos that they were able to create. The study also revealed these findings:
*The attacks increased from 8:00 AM to 9:00 AM and then fell off dramatically in the early afternoon;
*As mentioned earlier, there was a very sharp decline in attacks in the Christmas, Easter and summer breaks, but picked up sharply once again when classes were in session;
*There were more than 850 Cyber-attacks across the academic year, targeting almost 190 universities and colleges. This was an increase from 600 Cyber-attacks on about 140 educational institutions in the previous year;
*At one college, a Distributed Denial of Service (DDoS) was launched at 9 AM sharp, ended at 12 PM, stopped for the lunch hour, and then picked up once again at 1 PM and finished off at 5 PM. This odd time frame is indicative of either a student or staff member launching the Cyber-attack;
*At one particular UK university, it was discovered that there was a four-day DDoS attack having its point of origination coming from a residence hall dorm;
*There were more than 60 Cyber-attacks per week the fall term, and down to once a week during the summer term.
So, what are the other reasons that students are launching these Cyber-attacks? The study found out that it could be simply the students are playing virtual games amongst one another, and somehow, instead of just trying to defeat one another, they decided that the whole university IT Infrastructure would be at their beckon call.
Also, it could be the case that the students have a misplaced sense of “fun” at disrupting networks, getting “kudos among peers” for causing chaos or because of a grudge or anger over getting bad grades over the term of study.
Another reason for the possible decline in the Cyber-attacks during the summer months is the effort to take down what are known as “stresser sites”. These websites can be sold covertly for the primary reasons of launching a DDoS style attack against, in order to determine how much the Network Infrastructure that hosts these websites can take before they go down.
My thoughts on this?
Well, the study also revealed that it may not just be the students to blame for all of this. It could very well be the staff employed there, ranging all the way from the evening custodian to the administrative of the President.
Their primary motive in this case to launch a Cyber attack would be because they did not get a pay raise, got a bad job review, or even got fired.
Also, the researchers in this study did not dismiss the possibility that much more sophisticated Cyber attackers could also have been involved as well. This would be an effort to help the students cause more damage, and to also even cover their tracks so that they could not be picked up any forensics investigators.
It is also interesting to note that the Cyber attacks that were launched were low level, as previously described. None of these attacks involved Phishing, BEC, Malware, or even Ransomware style attacks.
Perhaps if these students are not busy enough in their studies and have all the time to launch a Cyber-attack, perhaps these educational institutions in the UK should offer these kids some kind of internship or even a summer camp, in order to possibly keep them from turning to the proverbial “Dark Side”, and also to hone in their skills.
After all, it is these kinds of individuals I wrote about yesterday that could easily fill in the gap in the Cyber security worker shortage that the world is experiencing right now.
Also remember, to get rid of the traditional image of the Cyber attacker I had described at the beginning of this blog. It could very well be that innocent looking 16-year-old kid that is sitting directly in front of you at Starbuck’s.