Part 1
Today, malicious hackers are roaming on the internet with the intention of preying on unsuspecting web users by gaining access to web servers using various techniques, such as waterhole attacks and bait and switch. Bait and switch is a common method used today where users are told that they are downloading legitimate files, and briefly, they are, but it is then exchanged with a malicious item. Waterhole attacks occur when hackers “poison” the location that their targeted users normally meet, especially WI-FI hotspots. Defending against bait and switch attacks is the most challenging of the two in an organization because employees may think they are clicking on legitimate websites, yet they are malicious giving the hacker access to the firm’s web servers (Seo, Kim, Cho, & Cha, 2004). As a security manager, I would allocate ample resources to the threat that will result in the most damage to the firm because it will be hard to reverse the situation afterward.
Part 2
Hacktivist implies a hacker who is more interested in overwhelming and disrupting a web server or a website than stealing information from the database. Normally, they exist in groups. Organizations and professionals are becoming more concerned about these groups because they may cause a lot of negative publicity; hence, messing with the hard earned reputation of the business (Lindgren & Lundström, 2011). Attacks by malicious hackers are today moving towards targeted attacks as compared to traditional untargeted attacks because technology has led to the designing of programs that can precisely target firms. Therefore, malicious hackers prefer coming up with targets that can easily be hacked and those that offer the highest financial returns to damage the reputation of the targeted firm.
References
Lindgren, S., & Lundström, R. (2011). Pirate culture and hacktivist mobilization: The cultural and social protocols of# WikiLeaks on Twitter. New Media & Society, 13(6), 999-1018.
Seo, J., Kim, H. S., Cho, S., & Cha, S. (2004, April). Web server attack categorization based on root causes and their locations. In Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on (Vol. 1, pp. 90-96). IEEE.
