Corporate Cybercrime - A Hacker’s Point Of View

Uploaded on 2018-10-18 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

British Airways and Facebook have hit headlines recently when they became the latest in a long list of high-profile organisations to fall victim of a data breach at the hands of malicious hackers.  Events like these inflict significant reputational damage on brands involved, while the customers affected face inconvenience, and perhaps more importantly, stress and uncertainty over what it really means for them personally.

But what about the hackers? What do they stand to gain from an attack like this? And who are this mysterious new breed of cyber criminals?

It’s Child’s Play
I personally started hacking at the age of eleven. It really stemmed from curiosity and a healthy appetite for mischief. While my first ‘hack’ involved a soldering iron and a friend’s Sony Walkman, I quickly moved onto modems, dial-ups and into the systems of a couple of companies – notably one of the ‘big four’ consultancy firms, which subsequently recruited me to help set up the UK’s first ethical hacking department.
My first forays into hacking were in the early days of the internet, but today there is a generation of talented, curious young people who are growing up living and breathing technology. 
They are pushing the boundaries of technology, finding flaws in existing systems and connecting with likeminded people anywhere else on the planet. Businesses today face the challenge of harnessing this talent in a positive way, and make helping their business through ‘white hat’ hacking a more attractive proposition than going down the ‘black hat’ malicious hacking route.

The Human Target
Hollywood movies have created a common idea that hacks involve sneaky individuals getting into systems by hacking direct into the machines themselves in the dead of night. This is no longer the case. Hackers today typically don’t attack computers directly. Computers are hard targets with solid defences, so instead they go for the weak link – the people who use them.
The vast majority of cyberattacks against companies are human-targeted attacks. Unlike machines, people are vulnerable to psychological trickery. Hackers can directly target people inside a company, and by tricking them into opening emails or revealing insufficiently secure passwords, they can then use tools like spyware and malware to take control of systems from wherever they are in the world.

Infiltrating the InBox
Email-based hacking is the fastest growing form of cybercrime. It was the mechanism used by Russian Hackers in 2016 to compromise Hilary Clinton’s campaign HQ, sending emails targeting Jon Podesta and other high-ranking officials to get spyware into the DNC computer system.

While businesses can invest a lot of money to create secure systems, you are only as strong as your weakest link, and unfortunately these systems are used every day by humans. It is vital that employees are urged to stay vigilant and trained in best practices, because it only takes one cleverly worded email for hackers to attack your system from the inside out.
It’s not all about the Money

When we see stories like the British Airways data breach in particular, it is very easy for us imagine why someone would want access to more than 300,000 people’s credit card details. This leads many business leaders – particularly those running smaller companies or firms who aren’t directly processing payments – to fall into the trap of thinking ‘nobody would care about our data’ and subsequently take a lax view when it comes to cybersecurity.

While some hackers are of course intent on major financial fraud, that is not the only motivation. Some are intent on little more than mischief, while other might have a personal reason for targeting a particular company, such as ‘hacktivists’ hitting organisations because of a political or social motivation.

The reality of today’s digital world is that your data is your business. Customers, staff and partners trust you with their invaluable data every day, so you owe it to them to keep it safe from the threat of hackers or that trust could quickly disappear.

By Tayo Dada: Cyber security expert and the founder of Uncloak.io, the world’s first blockchain powered cyber security solution.

Management Today:

You Might Also Read:

How To Hack the Hackers: The Human Side Of Cybercrime:

 

« Blockchain As A Service Market To Reach $7 Billion
Lesser Skilled Cybercriminals Adopt Nation-State Hacking Methods »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

Brinqa

Brinqa

Brinqa is a leading provider of unified risk management and security analytics.to manage IT governance and technology risk.

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

App-Ray

App-Ray

App-Ray provides fully automated security analysis of mobile applications to find security issues, privacy breaches and data leaking potentials.

ID Agent

ID Agent

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions.

Nexcom International

Nexcom International

Nexcom operates six global businesses - IoT Automation, Intelligent Digital Security, Internet of Things, Intelligent Platform & Services, Mobile Computing Solutions, Network & Communications.

Signifyd

Signifyd

Signifyd is the world's largest provider of Guaranteed e-Commerce Fraud Protection.

Cyber Security Advisor

Cyber Security Advisor

Notice how sophisticated the cybersecurity market is. Think how would you pick the security provider, assess your company, and be sure of your security decisions? Cyber Security Advisor is the answer!

IDX

IDX

IDX is the leading consumer privacy platform built for agility in the digital age.

Elisity

Elisity

Elisity Cognitive Trust is a new security paradigm that combines Zero Trust Network Access and an AI-enabled Software Defined Perimeter.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

Post-Quantum Cryptography Alliance (PQCA)

Post-Quantum Cryptography Alliance (PQCA)

The alliance seeks to address cryptographic security challenges posed by quantum computing by producing high-assurance software implementations of standardized algorithms.

Palindrome Technologies

Palindrome Technologies

Palindrome Technologies help clients defend against cyberattacks across all attack surfaces, including hardware, software, network-to-cloud, people, and emerging technologies.