Who’s hacking you…
Okay, so we’re in the business of protection. 50 years ago if we’d said that to you, you might think we’d send a few people round to sit outside your shop window and look menacing, oh how times have changed – if only it was that easy…
As cyber security experts, we not only focus on resolving vulnerabilities and responding to incidents, but we try to stop the event occurring in the first place. In order to do that we often have to look at the profile of those out there doing the bad deeds, in essence, to stop the hacker you have to become the hacker (or something like that).
It’s common knowledge now and the media have very clearly established that hacking or data breaches are likely to be a question of when rather than if, but if we study the supply chain of hackers what do we find? Who’s hacking you and why are they even bothering?
So let’s start with the question of who might be attacking you. Generally speaking, this stems from 3 fundamental motivations:
- Those that do it for financial gain or to steal
- Those that do it to disrupt
- Those that do it for fun
The cyber criminals that hack to steal are after something that they perceive as ‘valuable’, whether that is to them or someone else who they are operating on behalf of. It’s likely that this value can be derived either from the financial gain that they acquire (as in the case of Evaldas Rimasauskas who phished $100m from a number of US tech firms) or it might be for the valuable information the hack may yield; whether this is patents, intellectual property or maybe even customer data.
Those that are stealing from you are likely to fall into one of the following; cybercriminals, malicious insiders, rogue suppliers or competitors. Now that isn’t to say that they are the only ones stealing information but they are likely fall into one of those categories.
Then we have the disruptors; these individuals or groups are likely to target you, your business or public organisations and infrastructure in order to; bring things to a standstill, spread a message be it political or otherwise and to generally watch the world burn (potentially literally if critical infrastructure is disrupted). Disruptors might be political groups or individuals with political agendas but similarly, they may be nation-states and it is likely that when smart cities come into being this would be the go-to in ‘cyber-warfare’, disabling critical infrastructure and bringing cities to a standstill, rendering them incapable of responding.
Recent research indicates that 12% of businesses are confident that a DDoS attack was initiated by a competitor and our experience indicates to us that if your business services are disrupted it is entirely worth considering your competitors as a potential source of disruption.
Finally we have the most common form of a hacker or cyber attacker, however, you want to phrase it these are the likely to be where the stereotype of energy drink consuming, dark room and hoodie come from, believe us, we’ve met a few of them. Whether as individuals or groups these hackers enjoy breaking things, testing themselves and generally receiving acclaim from peers and peer groups. Often the most difficult to prevent this group of hackers is also the group most likely to discover vulnerabilities and bugs in code making software or hardware susceptible to attack.
So how to they do it? The majority of tactics used today are based on; phishing (perhaps the easiest and most obvious choice achievable by even the least technically skilled hacker), exploitation of software or hardware vulnerabilities (often requiring a certain level of technical ability), stolen credentials (either stolen firsthand or purchased on the internet) or third-party compromise (this involves getting to you via someone else, likely a supplier or someone in close proximity).
Cyber security is only going to increase in its importance, so if you think you’re sick of it now just wait until we become immersed in the Internet of Things, live in smart cities and have small chips implanted in our brains (give it time people).
Author: Ruben Bell, Business Planning Manager, Unipart Cyber Security
Ruben Bell works with Unipart Cyber Security on business planning and marketing and has worked across a variety of sectors including FMCG, Oil & Gas and Cyber Security.