How To Beat The Hackers

Uploaded on 2018-05-09 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Though care is taken to shroud their operations, the sophistication, execution and malice of cyber-criminals  are aligned with those historically practiced by criminal organisations. 

Although the specifics of cybercrime may be unclear to many, we can draw parallels between the approach, structure and malice of these attacks that were historically practiced by traditional mafia gangs.

What is Cyber-Crime?
Cybercrime comes in many forms and advances are being made all the time, criminals are either looking to cause disruption to organisations by bringing down IT systems, or for financial gain.

The Common forms of cybercrime are considered as:

  • Phishing: bogus emails that may look like they come from a trusted source asking for security information and personal details.
  • File hijacker: where criminals hijack files and threaten them as Ransomware.
  • Keylogging: where criminals record what you type on your keyboard and steal passwords and personal information.
  • Screenshot manager: allows criminals to take screenshots of your computer screen.
  • Ad clicker: criminals will create online adverts that direct a victim’s computer to click a specific link.

What are the consequences of a cyber-attack?

  • PR Damage: many businesses do not consider the reputational damage an attack could have on their business, especially if data is stolen.
  • Commercial Down Time: even if you do not pay cyber criminals you may well experience business down time which will lead to financial loss.
  • Lost-time: if you fall victim to a cyber-attack you are more than likely to experience business down time. Could your business operate without data, documents or email?
  • Legal: There may be legal implications, if you do not have the correct security and data protection regulations in place you may be liable for GDPR and the rest.
  • Individually: Over £1bn has been stolen from UK bank accounts through credit and debit card fraud in the past 12 months, our research has shown.

Worryingly, these kinds of online attacks can be as devastating as real-world crime. 
For instance, ILoveYou or Love Bug or Love Letter, is a worm spread via email with an attachment which overwrote random types of files, including Office files, image files, and audio files. It then sent itself to all of the addresses in Windows Address Book, causing it to spread rapidly.

The worm was thought to have caused up to $8.7 billion in damages worldwide and a further $15 billion was required to remove it. An estimated 10% of the world’s internet-connected computers are thought to have been affected. The Petya Attack is another recent example of how dangerous these kinds of attacks can be and how quickly they can spread.

The New Gangs
Crucial to beating these new gangs is understanding their motives and operations. These online operators are comparable to traditional crime families, with four distinct groups emerging. These are:

1. Traditional gangs – Taking the motivations of traditional organised gangs (the theft and sale of goods to the online world) this group is comprised of pre-existing groups and hackers that are co-opting those with the skills to help them remain on top. 

2. State-sponsored attackers – This group is interested in sabotage and corporate theft, with the aim of stealing information and interfering with political activity. Blurring the boundaries of cyber-crime and cyber warfare, their actions may be subtler than others but are no less devastating.

3. Ideological hackers – Often attempting to use the threat of leaking classified information, this gang is renowned for acting on what they deem moral and ethical duty. They can often pressure their victims to act in their favour by seeking to destroy the reputations of high profile organisations.

4. Hackers-for-hire – Comparable to paid guns-for-hire, these individuals operate with an emphasis on the reliability of their service. The most significant change here is the vanishing of the need for technical knowledge. Would-be cyber criminals now no longer need to learn the appropriate skills, but can instead pay to the carry out of their crimes.

The growing sophistication of these emerging groups and the ability to evade detection means that in some cases, businesses may only realise they have been a victim months or years down the line.

The various ways in which they can be targeted, such as IP theft, data breaches and theft of funds can lead to confusion around the size and scope of threats.

Information Age

You Might Also Read:
 

« Hacker Group Targets Healthcare Providers
Senior IT Execs Admit Cyber Threats Are Out Of Control »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

Lepide

Lepide

LepideAuditor is a powerful Data Security Platform that enables you to reduce risk, prevent data breaches and prove regulatory compliance.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

SynSaber

SynSaber

SynSaber is a data collection, detection, and visibility solution that forms the foundation of industrial cybersecurity.

FiVerity

FiVerity

FiVerity provides financial institutions with cyber fraud defense to combat a dangerous and growing threat - the convergence of fraud-related theft with sophisticated, high-volume cyber attacks.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Skyhigh Security

Skyhigh Security

Skyhigh Security enables your remote workforce while addressing your cloud, web, data, and network security needs.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

Lithuanian Cyber Command (LTCYBERCOM)

Lithuanian Cyber Command (LTCYBERCOM)

The Lithuanian Cyber Command is responsible for planning and execution of operations in cyberspace and installation of strategic and operational communications and information systems.