Corporate Cybercrime - A Hacker’s Point Of View

British Airways and Facebook have hit headlines recently when they became the latest in a long list of high-profile organisations to fall victim of a data breach at the hands of malicious hackers.  Events like these inflict significant reputational damage on brands involved, while the customers affected face inconvenience, and perhaps more importantly, stress and uncertainty over what it really means for them personally.

But what about the hackers? What do they stand to gain from an attack like this? And who are this mysterious new breed of cyber criminals?

It’s Child’s Play
I personally started hacking at the age of eleven. It really stemmed from curiosity and a healthy appetite for mischief. While my first ‘hack’ involved a soldering iron and a friend’s Sony Walkman, I quickly moved onto modems, dial-ups and into the systems of a couple of companies – notably one of the ‘big four’ consultancy firms, which subsequently recruited me to help set up the UK’s first ethical hacking department.
My first forays into hacking were in the early days of the internet, but today there is a generation of talented, curious young people who are growing up living and breathing technology. 
They are pushing the boundaries of technology, finding flaws in existing systems and connecting with likeminded people anywhere else on the planet. Businesses today face the challenge of harnessing this talent in a positive way, and make helping their business through ‘white hat’ hacking a more attractive proposition than going down the ‘black hat’ malicious hacking route.

The Human Target
Hollywood movies have created a common idea that hacks involve sneaky individuals getting into systems by hacking direct into the machines themselves in the dead of night. This is no longer the case. Hackers today typically don’t attack computers directly. Computers are hard targets with solid defences, so instead they go for the weak link – the people who use them.
The vast majority of cyberattacks against companies are human-targeted attacks. Unlike machines, people are vulnerable to psychological trickery. Hackers can directly target people inside a company, and by tricking them into opening emails or revealing insufficiently secure passwords, they can then use tools like spyware and malware to take control of systems from wherever they are in the world.

Infiltrating the InBox
Email-based hacking is the fastest growing form of cybercrime. It was the mechanism used by Russian Hackers in 2016 to compromise Hilary Clinton’s campaign HQ, sending emails targeting Jon Podesta and other high-ranking officials to get spyware into the DNC computer system.

While businesses can invest a lot of money to create secure systems, you are only as strong as your weakest link, and unfortunately these systems are used every day by humans. It is vital that employees are urged to stay vigilant and trained in best practices, because it only takes one cleverly worded email for hackers to attack your system from the inside out.
It’s not all about the Money

When we see stories like the British Airways data breach in particular, it is very easy for us imagine why someone would want access to more than 300,000 people’s credit card details. This leads many business leaders – particularly those running smaller companies or firms who aren’t directly processing payments – to fall into the trap of thinking ‘nobody would care about our data’ and subsequently take a lax view when it comes to cybersecurity.

While some hackers are of course intent on major financial fraud, that is not the only motivation. Some are intent on little more than mischief, while other might have a personal reason for targeting a particular company, such as ‘hacktivists’ hitting organisations because of a political or social motivation.

The reality of today’s digital world is that your data is your business. Customers, staff and partners trust you with their invaluable data every day, so you owe it to them to keep it safe from the threat of hackers or that trust could quickly disappear.

By Tayo Dada: Cyber security expert and the founder of Uncloak.io, the world’s first blockchain powered cyber security solution.

Management Today:

You Might Also Read:

How To Hack the Hackers: The Human Side Of Cybercrime:

 

« Blockchain As A Service Market To Reach $7 Billion
Lesser Skilled Cybercriminals Adopt Nation-State Hacking Methods »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

Mitol PerfectBackup

Mitol PerfectBackup

Mitol PerfectBackup provide Enterprise Online Backup, Disaster Recovery and Cloud Computing Services.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

ARC Advisory Group

ARC Advisory Group

ARC is a leading technology research and advisory firm with expertise in both information technologies (IT) and operational technologies (OT)

Government Communications Security Bureau (GCSB)

Government Communications Security Bureau (GCSB)

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

Garner Products

Garner Products

Garner design, manufacture, and sell equipment that delivers complete, permanent, and verifiable data elimination.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

FraudWatch International

FraudWatch International

FraudWatch has been protecting client brands around the world since 2003, and are the leaders in online brand protection from phishing, malware, social media and mobile apps impersonation.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

SecureWorx

SecureWorx

SecureWorx are a secure multi-cloud MSP, a provider of advanced IT security services and an independent cyber security advisory.

BCN Group

BCN Group

BCN Group is an agile IT solutions provider. We are experts in delivering and managing business-critical technology solutions.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.