Understanding cybercrime can help businesses, organizations and firms protect valuable data. Cyber hackers have many motives for attacking networks. Most commonly, they do it for financial gain, which may explain why criminals frequently target credit card information. The attacks cost firms dearly as online bandits make off with sensitive information to sell in the hidden black market. Businesses can protect their data and stay prepared for cyber attacks by instituting solid network security policies that can help organizations keep their data safe now and in the future.
Cyber Attacks by the Numbers
A March 2016 statistical analysis, published by Cisco engineer Paolo Passeri, found that data theft accounts for almost 80 percent of all unauthorized network intrusions. The intent to spy on and corrupt networks follows closely behind, but pale in comparison with data theft. Cyber security experts do not know the attack vector – the method hackers use to infiltrate a computer network – of over a third of all intrusions. The known methods, listed in descending order from most frequently used, range from:
- Account hijacking, where a hacker breaks into and takes control of a cloud-based service.
- SQLi attacks, which is when a cyber-criminal delivers malicious codes to take over a network database.
- Distributed denial of Service Attacks (DDos), in which an automated program directs so many pirated computers to request a website that no one can reach the page.
- Malvertising, which looks like an advertisement and delivers malicious code to its viewers.
Among all targets, industrial and manufacturing firms make up 40 percent of all intrusion victims.
- It All Comes Down to Money
A March 2016 report from Norwich University estimates that hackers sell one trillion dollars of stolen data annually. Investigators confiscated $80,000 in bitcoin earnings from arms and narcotics sales from a single perpetrator in May 2015, and found that Silk Road, an underground website, transacted $1.5 billion in illegal sales during 2013.
- Cyber Criminals’ Have a Love Affair with Credit Cards
An April 2016 blog post by cyber investigator Brian Krebs reports that in America and Europe stealing credit and debit card numbers directly from ATM users is increasing in popularity. The crime is so prevalent that credit rating giant Fair Isaac Corporation, commonly known as FICO, is alerting the public and the government about this crime. This trend is the reason that most national retailers no longer allow gift card purchases with credit and debit cards, an untraceable method to extract money from stolen card numbers.
- 90 Percent of the Internet Is Not Visible
An October 2015 article penned by digital expert David Kushner reveals that criminals do not operate openly on the Internet; they use the Darknet, a hidden network. Hackers use specific browsers, such as Tor, to access the Darknet, also known as the deep web, without leaving a digital footprint. This area hosts private databases, such as individual email accounts, corporate networks and password protected sites.
- Cyber Attacks Cost Businesses Big Money
An article on the Eastern Kentucky University website, an institution specializing in safety and security, cites that cyber-crimes cost organizations $300 billion annually and that firms do not detect 70 percent of all intrusions. For example, in February 2016, hackers absconded with $81 billion from the Bangladesh Bank, and in 2014, made off with sensitive financial data belonging to 76 million consumers at JP Morgan Chase – the largest bank in the United States.
- Basic Data Protection Is Critical
An American Express OPEN post suggests that firms can protect their data by securing networks with software such as firewalls and intrusion detectors. The post also recommends purchasing breach insurance and using cloud storage.
- Businesses Can Prepare for Attacks
An article penned by Nate Lord for Digital Guardian, a data protection firm, recommends network security training for key staff members on basic, but critical, policies. This is especially important for fledgling companies that may have staff in disparate locations. The author suggests that firms should brief staff members on breach susceptible access points such as Wi-Fi networks, mobile devices and passwords.
- Cyber Security Is an Ongoing Effort
Cisco, the global networking giant, recommends instituting a security “continuum” as follows. Before an intrusion, identify normal network activity, a condition called the baseline. If an attack happens, knowing the baseline makes it easier to identify the attack vector and learn how to improve data security after an attack.
- New Threats May Arise
A CNBC article written by technology reporter Harriet Taylor predicts that cyber attackers will use increasingly complex intrusion techniques, such as ghostware – malicious code that infiltrates a network, steals data then hides its presence. A Patriot Technologies, Inc. blog post suggests that criminals may find ways to use cellular location-based information to target victims, and that scareware – software designed to look like the solution to nonexistent problems such as registry corruption or disk speed issues – will make a hearty comeback.
Organizations can protect their networks by knowing the variables involved with cyber security. Financial gain is the top reason criminals attack corporate databases. Because of this, credit cards are a favorite target among cyber thieves, and businesses suffer severe losses annually. There are steps that businesses can take to prevent these losses, such as best practices suggested by cyber security experts. By doing this, firms can prepare for unfortunate, and seemingly inevitable, network breaches.
This article was written by Ryan Ayers from Business2Community and was legally licensed through the NewsCred publisher network.