Target Cyber Criminals to Stop Cyber Crime
Focus on the people, then the technology
Cyber criminals, threat actors, hackers—they know cyber crime pays. Your data and technology, stored in networks and the cloud, are vulnerable. And although the tactics, targets and technology of attacks are all important, your most powerful defense against cyber crime is to understand threat actors.
To effectively prevent and respond to cyber crime, you need to establish the motivations and methodology of threat actors. Here are two ways advanced cyber attacks work:
Targeted – Malware, such as spear phishing, is used to reach a specific machine, individual, network, or organization. This malware tends to be signature-less, or otherwise evades antivirus and other traditional cyber security efforts using the criminal's knowledge of the target.
Persistent – Advanced cyber attacks are initiated via a series of email, file, web, or network actions. These individual actions might remain undetected by antivirus or other traditional defenses, or be ignored as harmless or low-priority. However, the malware becomes entrenched and pervasive, and culminates in a devastating attack.
Malware that uses both of these methodologies simultaneously presents an advanced persistent threat, or APT. And any organization in any industry can be a target.
What Cyber Criminals Want
You can defend yourself more effectively and efficiently when you learn what cyber criminals want, because you'll understand your high-value vulnerabilities and your significance as a target.
Economic cyber espionage uses APTs to acquire intellectual property and sensitive information. Ultimately, the threat actor seeks a long-term economic advantage, either for themselves or on behalf of their employer. The primary sponsors of cyber espionage include nation states and businesses competitors. No company is safe, and in fact many network breaches often begin with attacks on secondary targets such as vendors in the primary target's supply chain.
Organized cyber crime uses APTs to realize short-term, rapid financial gain through activities such as credit card theft. Their cyber attacks are designed to evade traditional cyber security measures and remain on a victim’s network for a long period of time. While no business is safe, targets tend to be companies that provide retail and financial services, including banks and credit card processors.
Nuisance Threats and Hacktivism
Nuisance threats and hacktivist cyber attacks attempt to interfere with daily business operations, defame web properties and make political statements. While embarrassing, they are typically neither targeted nor persistent. While attackers can be individuals, most are groups such as Anonymous and LulzSec who use botnets or spam to target both organizations and individuals.
Learn More about Today's Cyber Crime
- Hacking the Street? FIN4 Likely Playing the Market
- APT28: A Window Into Russia's Cyber Espionage Operations?
- What the Cosmos Can Teach Us About Security
- Cybersecurity's Maginot Line: A Real-world Assessment of the Defense-in-Depth Model
- Maginot Revisited: More Real-World Results from Real-World Tests
- Moving Targets: Threat Actors are Adjusting Their Aim