The mind of a hacker

Why is this happening more?
Who is doing this kind of damage?
What are they thinking?

More and more companies are being hacked. Personal data is being compromised. Valuable business data and intellectual property is being stolen. Stolen data is being held for ransom.

Cybersecurity attacks abound

Hacking is a growing and sophisticated industry.  Over the past few years companies continued to see more and more breaches that results in ransomware, stolen IP, exposed client records. Many
of these incidents make the news – and there are many we never hear of. 

  • Facebook has had a number of high profile data breaches - from the Cambridge Analytica data breach in 2018 that caused the share price to drop by more that $100 billion, to the 540 million records that were publicly exposed on Amazon Ccloud servers.

  • Capital One announced in July 2019 that it had discovered a breach that compromised more than 100 million customers. The estimated cost of the breach was $300 million.  

  • Marriott hotel group suffered a massive data breach that occurred between 2014 and September 2018. Hackers had access to guest information, including mailing address, email address, DOB, and passport number.

  • The  Wannacry ransomware hit hundreds of thousands of computers in over 150 countries in the first half of 2017 - particularly those running older versions of windows.[1]      

  • The Petya virus also attacked and crippled businesses – the most visible the pharmaceutical company, Merck, and cost them $135 million in revenue.[2] 

There are countless more in recent years that haven’t been reported, and the costs are skyrocketing.

The hits keep coming.

According to the Ponemon Institute's 2019 Cost of a Data Breach study, the consolidated average total cost of a breach in 2019 increased by 1.5 percent from 2018. In the six years since 2014, the average total cost of a data breach has increased by 12 percent, from $3.5 million.

Ponemon Institute Cost of Cyber Crime 2017 average cost over five years

Source: Ponemon Institute's 2019 Cost of a Data Breach report

The Dark Web

This industry grows through communications in the dark web – a part of the internet that exists below the surface of the web most of us see everyday. Below this ‘surface web’, lies sites and databases that are not indexed and cannot be searched through most search engines. This is the deep web, where much of this content is simply for private use. But there is a growing part that is being used for more sinister purposes
– such as buying and selling drugs, black market commodities and firearms. This is the dark web. This is also a hackers playground.  

No longer is the hacker just a teenager sitting in their dark bedroom upstairs trying to break into companies for kicks.  Now hackers are organized professional teams. Criminals from around the world – Korea, Russia, China, and more. These teams, through the dark web, can communicate, coordinate, and purchase malware to hack into systems, deny service, and demand ransom using digital currency on marketplaces that open and close as they’re detected.

Ponemon Institute 2017 Cost of cyber crime types of cyber attacks

Source: Ponemon Institute's 2017 Cost of Cyber Crime study

Why is this increasing?

The dark web has opened up the opportunity for those that want to hack into systems. No longer do people have to have sophisticated skills to break into systems. They can buy the tools through a marketplace, or hire a hacker. Their identity can be anonymized in the deep web. They can pay through digital currency. Simply put, their transactions can’t be tracked. Just as you can purchase goods instantly on your favorite shopping sites today, hackers can anonymously shop in marketplaces for the tools and resources to break into your systems. Their transactions can’t be tracked and their damage can be significant and widespread.

To complicate matters, and increase the likelihood of a successful attack, there are now many more opportunities to break into systems. With the growth of mobile devices, wearables, and the internet of things there are even more access points. Distracted users open phishing emails.  Wireless traffic gets exposed. More devices are deployed with fewer security protections.

And this market - with the easier access through the dark web marketplaces, and the increased exposure through internet-connected devices - grows because it's lucrative. Hacking can be monetized. And with money, criminals follow.

Hacking hasn't always been about money - historically hackers broke into systems because they could - many because it gives them a thrill. Then there are those who believe they should - to show security gaps and to alert others that their data is not safe. But now that the potential for monetary gain is increasing, and the access to systems is exploding, the opportunity is ripe for malicious actors to attack. There are well-organized groups from around the world that break into systems for financial gain or to further a political agenda. They leverage the dark web to communicate and coordinate - and attack your systems and steal your data.

What Data Attackers are Looking for Infographic Carbon Black Report

Source: Carbon Black "Beyond the Hype" research report 2017

Who is at risk?

There are no limits to who is at risk from cybersecurity attacks. Utilities, government agencies, corporations, and individuals are all exposed. And now that the largest companies have more sophisticated strategies in place, smaller companies are even more at risk as hackers try to find softer targets. These worms and viruses spread fast – they can automatically replicate – hitting more and more sites – they can get into computers and scramble files – and they can be used to steal data, stop systems, and demand ransom. This malware can paralyze organizations and cost millions.  According to the 2017 AT&T Global State of Cybersecurity survey, these attacks touch virtually every aspect of business.

How can you protect your organization?

To protect your data and your company you need to proactively design and implement a security strategy. This strategy should include the entire organization – as attacks can occur at any entry point. This strategy should begin with an assessment of your risks. 

1. Know Your Vulnerabilities

  • Do you know what normal looks like?
  • Could you spot an abnormality if it occurred?
  • Can you lock down your system in the event of attack? 
  • Could you recover if your files were destroyed?
  • What’s an acceptable down time to recover?
  • Do you have the procedures in place to recover within that time?
Learn more about Penetration Testing

2. Proactive Strategy

You can implement systems to protect your perimeter and prevent attacks from entering your environment, ensure you have antivirus installed and current on all endpoints, apply patches immediately, and limit what can run on your systems.
Learn more about security solutions

3. Reactive Procedures

Your users should also be trained to spot potential attacks and respond and report accordingly.  But as new methods attack systems, you must have a plan to respond if an attack happens.
Learn more about SOAR platforms

Your strategy must be comprehensive, as your company is vulnerable at every possible entry point.  All users should be involved in the solution to protect your business. The potential cost to your company of a cyber security attack is enormous – in addition to the costs associated with paying ransom or recovering from a breach – an attack can disrupt your business, damage your brand and reputation, and violate customer trust that you have worked so hard to build.

A 2017 study by Ponemon Institute showed that companies are increasingly putting more of their investments in detection and containment.  This highlights a real opportunity for companies to make the right investments to protect from cyber attacks, and facilitate the reduction in costs for recovery - and ultimately to minimize the risk and impact of attacks.

Ponemon Institute 2017 Cost of Cyber Crime percentage cost by internal activities graph

Source: Ponemon Institute's 2017 Cost of Cyber Crime study

Protecting your IT environment from cybersecurity attacks is a serious matter. As breaches occur at an accelerating rate to more and more businesses, going it alone is not an option. Your best approach is to partner with an IT Security organization with the skills and experience you need to secure your organization from being a victim of the next breach.

Learn More About Alacrinet Security Solutions

Get your security readiness assessment with a local expert today.

Thank you! Your submission has been received!

Hmm, it looks like something went wrong while trying to submit your form. Please check all fields and try again.