Corporate Cybercrime - A Hacker’s Point Of View

Uploaded on 2018-10-18 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

British Airways and Facebook have hit headlines recently when they became the latest in a long list of high-profile organisations to fall victim of a data breach at the hands of malicious hackers.  Events like these inflict significant reputational damage on brands involved, while the customers affected face inconvenience, and perhaps more importantly, stress and uncertainty over what it really means for them personally.

But what about the hackers? What do they stand to gain from an attack like this? And who are this mysterious new breed of cyber criminals?

It’s Child’s Play
I personally started hacking at the age of eleven. It really stemmed from curiosity and a healthy appetite for mischief. While my first ‘hack’ involved a soldering iron and a friend’s Sony Walkman, I quickly moved onto modems, dial-ups and into the systems of a couple of companies – notably one of the ‘big four’ consultancy firms, which subsequently recruited me to help set up the UK’s first ethical hacking department.
My first forays into hacking were in the early days of the internet, but today there is a generation of talented, curious young people who are growing up living and breathing technology. 
They are pushing the boundaries of technology, finding flaws in existing systems and connecting with likeminded people anywhere else on the planet. Businesses today face the challenge of harnessing this talent in a positive way, and make helping their business through ‘white hat’ hacking a more attractive proposition than going down the ‘black hat’ malicious hacking route.

The Human Target
Hollywood movies have created a common idea that hacks involve sneaky individuals getting into systems by hacking direct into the machines themselves in the dead of night. This is no longer the case. Hackers today typically don’t attack computers directly. Computers are hard targets with solid defences, so instead they go for the weak link – the people who use them.
The vast majority of cyberattacks against companies are human-targeted attacks. Unlike machines, people are vulnerable to psychological trickery. Hackers can directly target people inside a company, and by tricking them into opening emails or revealing insufficiently secure passwords, they can then use tools like spyware and malware to take control of systems from wherever they are in the world.

Infiltrating the InBox
Email-based hacking is the fastest growing form of cybercrime. It was the mechanism used by Russian Hackers in 2016 to compromise Hilary Clinton’s campaign HQ, sending emails targeting Jon Podesta and other high-ranking officials to get spyware into the DNC computer system.

While businesses can invest a lot of money to create secure systems, you are only as strong as your weakest link, and unfortunately these systems are used every day by humans. It is vital that employees are urged to stay vigilant and trained in best practices, because it only takes one cleverly worded email for hackers to attack your system from the inside out.
It’s not all about the Money

When we see stories like the British Airways data breach in particular, it is very easy for us imagine why someone would want access to more than 300,000 people’s credit card details. This leads many business leaders – particularly those running smaller companies or firms who aren’t directly processing payments – to fall into the trap of thinking ‘nobody would care about our data’ and subsequently take a lax view when it comes to cybersecurity.

While some hackers are of course intent on major financial fraud, that is not the only motivation. Some are intent on little more than mischief, while other might have a personal reason for targeting a particular company, such as ‘hacktivists’ hitting organisations because of a political or social motivation.

The reality of today’s digital world is that your data is your business. Customers, staff and partners trust you with their invaluable data every day, so you owe it to them to keep it safe from the threat of hackers or that trust could quickly disappear.

By Tayo Dada: Cyber security expert and the founder of Uncloak.io, the world’s first blockchain powered cyber security solution.

Management Today:

You Might Also Read:

How To Hack the Hackers: The Human Side Of Cybercrime:

 

« Blockchain As A Service Market To Reach $7 Billion
Lesser Skilled Cybercriminals Adopt Nation-State Hacking Methods »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

Cifas

Cifas

Cifas are leaders in fraud prevention, working closely with UK law enforcement partners.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Materna Virtual Solution

Materna Virtual Solution

Materna Virtual Solution security solutions enable user-friendly, secure mobile working environments.

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

ACPL Systems

ACPL Systems

We offer leading-edge technology solutions, expert professional and managed services and proven methodologies to ensure your data is protected and business risks are reduced.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

InsightCyber

InsightCyber

InsightCyber is on a mission to keep the world’s critical infrastructure, supply chains, and manufacturing operations cyber-safe, helping to prevent attacks that can have catastrophic impacts.

DeepFactor

DeepFactor

DeepFactor is the industry’s first Continuous Observability platform enabling Engineering and AppSec teams to find and triage RUNTIME security, privacy, and compliance risks in your applications.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.