Cyberattacks and data breaches happen worldwide, and no one is immune. Your business needs to protect its networks and systems, and secure sensitive data. What types of cybercriminals are actually out there? And which groups might be targeting your business? This roundup discusses the biggest threats, who and what they're after.
For the most part, we can break Cyber Criminality down into 3 categories: Criminal Empires, State-based and Lone Wolf. Each of these have differing, and sometimes overlapping targets as well as massively different resources. Knowing who would be most likely to target your company is the first step to securing your environments.
Cybercrime Gangs
Online crime is a lucrative industry. Cyber gangs are the digital Mafia. Their targets vary and can be spread out globally as can the reasons for their attacks. Many groups perpetuate ransomware and phishing attacks to gain access to privileged accounts and information which is then either ransomed or sold to the highest bidder. Other groups "sell" their services to the highest bidder.
Targets of these groups can vary widely and can range from global corporations to small mom and pops. Most mass-scale ransomware attacks are perpetuated by these groups who have the resources to scale their attacks and target thousands of potential victims. Commonly targeted industries are healthcare (personal information) and research, development and engineering firms (proprietary research). Architectural and construction industries can also be lucrative targets as these are industries that are focused on getting a job done on schedule and can be more readily coerced or threatened. If you fall into one of these industries, ensuring you have a comprehensive security strategy is extremely important.
State-based Actors
State Actors have recently been making more headlines but, in truth, have always been around. They typically comprise of official departments (the Department of Homeland Security and FBI both have extensive cyber crime/security divisions) but can also be the previously mentioned Cybercrime Gangs who are recruited and paid by governments to execute attacks for them.
When it comes to targets, State Actors typically shoot for the big game:
- Infiltrating national banking systems
- Compromising critical infrastructure
- Intelligence gathering
- Election tampering
- Creating incidents of international significance
- Engaging in propaganda and/or disinformation campaigns
Australia recently announced a "sophisticated state-based cyberattack" on political and private-sector organizations. Meanwhile US government officials are warning that cyber attacks concerning the 2020 presidential election are already underway. State actors also used cyber techniques to damage Iran's nuclear program several years ago.
These attackers are often motivated by nationalism, but this doesn't mean businesses are safe. A politically motivated cyber actor might target a hotel hosting an international convention or gain access to a government vendor to send false communications. Other large venues are also potential targets along with large multi-national corporations like Facebook, Microsoft, Google and more.
But what about companies which aren't that big? Surely they don't have anything to worry about right? Well, not quite. While it's true you may not have the full force of an entire nations government coming down on your network, some industries can still be targets. Manufacturers who make products used for national security, airline or other similar industries can be big targets. Basically, any industry which works with governments can be at risk.
Lone Wolves
Also known as disorganized crime, this is the online equivalent of a petty thief. Many make their income stealing money from low-hanging targets. These targets tend to affect small and medium businesses often but not necessarily for the reasons you may be thinking up right now.
You might be thinking of these people as sitting in a dark room, crushing cans of Red Bull and watching hundreds of lines of code flash on the screen. But this isn't always the case. In fact, lone wolf attacks can be perpetuated by anyone: current or former employees or co-workers included.
The best way to find and stop these types of attacks is to have both strong company security policies as well as strong general company policies in place. Regular auditing and reviews are also necessary to track anomalies and suspicious behavior. No matter what size your company is, large or small, and no matter what industry you're in, having these fundamentals in place is something everyone should be doing.
Like to learn more?
Now that you better understand why your business might be targeted, it’s time to take the necessary steps. If you'd like to learn more and how we can help solidify your cybersecurity stance. Click the button below to get in touch.