Let’s start off with a simple question: What type of data does your business store?
A. Client or donor information
B. Internal proprietary data
C. Financial Data
D. Trade Secrets
E. Sensitive or Classified Information
If any of these apply to your business, a hacker out there wants your data.
Each day there are reports about a high-level cyber attack on an organization, topped off with either an outrageous ransomware demand or an overwhelming number of records compromised. However, you likely don’t hear about the breaches of smaller organizations, which are becoming more frequent. Hackers target organizations under 1,000 employees, knowing there is less likelihood of them having an in-depth security program (or budget to support it), which means more opportunities for them to exploit a company’s vulnerabilities. And if all goes well for the hacker, these organizations may not even know they’ve been breached until it is too late.
Fully understanding who your adversaries are in the cybersecurity space is a critical step to improving your security posture and ensuring your data is secure. In order for you to adequately defend your business from a potential breach and reduce the vulnerabilities of your business, you need to understand the psychology of the hacker: who they are, why they want your data, and how they are attacking you.
Different Types of Hackers
On the end of every threat, there is a human who, at one point or another, initiates the attack. To defend against hackers, you need to understand their motivations for targeting your business and why they are going after your data. Here’s a quick reference guide on some of the different types of cyber security attacker:
Who: State-sponsored cyber attackers
Goal: To profit intellectually and use data for espionage
Targets: Other governments, government contractors
Note: Stealthy and typically well-funded; will attack smaller businesses to get to larger organizations via their supply chain
Who: Attackers that range from single contractors to large organizations
Goal: To profit financially off a business’ data
Targets: Everyone and anyone
Note: They will attack whomever they have the opportunity to, especially organizations under 1,000 they know will neither have extensive security programs nor the ability to detect a breach in real time
Who: Political and social activists with hacking skills
Goal: To make a point to highlight their cause, disruption
Targets: Any organizations that are related to their cause, or coming out against their cause
Note: Even smaller businesses can be a target for hacktivists, depending on industry and partnerships they may have.
Who: Less tech-oriented opportunistic attackers
Goal: An easy win by grabbing data and using it for profit, often times not even understanding the consequences of their actions
Targets: People in public places accessing sensitive or personal information; businesses with poor patch management practices
Note: They use scripts readily available online and created by others to target businesses for known vulnerabilities
Who: Disgruntled current or past employees
Goal: To seek revenge against the organization
Targets: The company they work for/used to work for
Note: These hackers have an understanding of company policies, and may succeed in hacking without arousing suspicion
How can I protect myself?
Though there are an endless amount of tactics on the hacker’s side, there are also measures that your business can put in place to proactively protect your data. These methods include, but are not limited to:
• Employee Education - Training your employees on the types of threats they may face and how to best counter them, from phishing campaigns to security awareness
• Security Information and Event Management (SIEM) or Security Operations Center (SOC) - Having a centralized log management system with a SIEM/SOC means that you are able to detect potential incidents in real time, allowing for faster and more complete eradication of any threat
• Managed Firewall Service - Ensuring your firewall and other edge/perimeter devices are receiving the latest firmware and patch update will help secure your main point of entry/ingress point
• Vulnerability Assessments - Providing you with the transparency to know what your vulnerabilities are, and allowing you to remediate them before they are used to exploit you network
Hiring a managed security service provider (MSP) and outsourcing cybersecurity can often be the smartest way for many people in the any industry to keep up with the ongoing responsibility of protecting data. It’s clear that if criminals aren’t going to give up their ways, professionals need to have a backup plan that works.