What Motivates Cyber Criminals?

Uploaded on 2016-02-19 in TECHNOLOGY--Hackers, NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

It is clear that most hackers are driven by financial gain. However, recent reports have revealed some contrasting findings in terms of how ‘big’ a gain they are either chasing or able to secure.

According to ‘Flipping the Economics of Attacks’ by Palo Alto Networks and the Ponemon Institute 67% of UK hackers admitted that money is their main incentive for their criminality, although the same research revealed that the average UK cyber-criminal makes just over £20,000 per year (an average of £8600 per attack). These are not excessive amounts of money and are lower than expected, especially when you consider a cybersecurity professional can earn up to four-times that much. This suggests that cyber-hackers are more likely to focus their efforts on quick, easy targets with realistic financial payouts.

After all, more than half (54%) of UK respondents said that it takes less than 24 hours for an experienced criminal to plan and carry-out an attack against an organization with a ‘typical’ IT security structure, with 60% admitting that if the time it takes to perform an attack were to increase by less than two days (40 hours), they would be deterred and move onto another target. Here are our first clues into how hackers work: they are opportunists who like to act quickly to target organizations with weak IT security infrastructures.

The Financial Times reporting a recent upsurge in the number of cyber-attacks carried out against the very wealthy and those who manage their own finances. According to the report, security group Kroll discovered hackers are using networking sites such as LinkedIn to search and identify people with significantly well-paid jobs and then targeting them with malicious attacks to trick them into transferring money.

This suggests a shift in technique, with hackers abandoning traditional mass-phishing exercises and focusing on specific targets. A possible reason for this is that it is becoming more common for people, especially pensioners, to have full access to their finances.

David Flower, MD EMEA, Carbon Black, told Infosecurity:
“It’s fair to say that both high net worth individuals and those that manage their wealth are at a significant risk from hackers. The individuals themselves will always represent an attractive target, particularly for phishing attacks on their endpoints. If a hacker gains access, they could find themselves with a wealth of blackmail material, or information that could let them gain access to funds, so they will always be an attractive and potentially weaker target – particularly if they hit their home server or desktop.”

Kroll investigated attacks that ranged in value from a few thousand pounds to multimillion-pound scams, with cyber-crime estimated to have cost the national economy in excess of £30 billion, figures that significantly contrast those put forward in ‘Flipping the Economics of Attacks’. So, here we have another insight into the minds of cyber-criminals which suggests that far from being satisfied with targeting simple IT infrastructures for small, quick profits many do harbor a desire to secure the elusive ‘big pay out’.
 
Whilst Flower agrees that the very wealthy are a key target for cyber-criminals, he also comments on risks surrounding the wider sphere of financial influence, explaining that brokers, financial advisors, and even personal assistants are also potential targets.

He says:
“By targeting non-executive staff within the wealth chain, whether a broker, or admin assistant, with a malicious email or similar, cyber-criminals can potentially gain access to a server and by extension, millions of pounds worth of financial data.”

One thing that both reports do is to highlight two specific targets that hackers seem to be focusing on.

Firstly, findings from ‘Flipping the Economics of Attacks’ clearly show that because cyber-criminals are so concerned with how long an attack takes to carry-out, organizations whose security infrastructure is deemed to be ‘less mature’ are at greater risk as they can be breached quicker. In contrast, companies that take active steps to share threat intelligence with peers, adopt a prevention-first approach and invest in appropriate technologies that slow the progress of cyber-breaches are far more likely to avoid becoming victims of an attack.

Moving on to the article by the Financial Times, we can also see that hackers are using inventive techniques to pinpoint wealthy individuals, often cloning their email addresses and fraudulently instructing for money to be moved from one account to another. Therefore, people working within board-level roles should be mindful of the amount of information they share on sites like LinkedIn.

Whatever their motivation, cyber-hackers are becoming more sophisticated in their techniques and the prevalence of attacks appears to be on the rise.
 
Flower added:
“It is safe to say that this is a battle that isn’t going to be won any time soon but if cyber-criminals are able to exploit human vulnerabilities for ‘quick wins’, IT needs to step in and provide safeguards that allow for human weakness.”

InforSecurity: http://bit.ly/20QaVy2

« The Blockchain Will Change The Property Business
Barely A Third of Energy Companies Track Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

Intelligent Business Solutions Cyprus (IBSCY)

Intelligent Business Solutions Cyprus (IBSCY)

IBSCY Ltd is a leading provider of total IT solutions and services in Cyprus specializing in the areas of cloud services and applications, systems integration, IT infrastructure and security.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

aDolus Technology

aDolus Technology

aDolus delivers a robust solution for safeguarding against counterfeit or malicious software and firmware in mission-critical systems.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

Bfore.ai

Bfore.ai

Stop future attacks, today. Bfore.ai is an operational threat intelligence feed to add predictive technology to your security infrastructure.

Cyber Security Partners (CSP)

Cyber Security Partners (CSP)

Cyber Security Partners specialise in the provision of Cyber Security Consultancy, Data Protection and Certification and Compliance services.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.