As more people put their lives online and more businesses rely on the internet for their very existence, the implications of a successful hacking attempt have grown exponentially.
A Brief History of Hacking
The first known internet hacker appeared in 1989, perpetrating a denial of service attack in which a server was flooded with millions of requests in an attempt to shut the system down. Although the hacker in question claimed that his real goal was uncovering security flaws, the actions he took were taken seriously, and were most definitely a crime.
The Various Types of Hackers
When most people think of hacking, they imagine a loner sitting in their basement, hacking into websites and testing government defenses just because they can. Today, that image no longer reflects the modern-day bad actor, particularly those wreaking havoc on a larger scale.
The Rise of the Nation State Hacker
These nefarious organizations are financed not by long-suffering parents but by rogue governments, making them a real threat to businesses large and small.
Nation state hackers have access to enormous amounts of capital, and they use those funds to purchase the most sophisticated toolsets available, including ready-made malware, custom-written ransomware and more. Worse yet, the government backing gives these nation state actors a type of shield, making their hacking efforts much more difficult to detect and fight.
Hacking for Money – The Problem of the Cyber Criminal Group
In the infancy of hacking, many attempts were made to satisfy curiosity or procure bragging rights. And while those types of hackers do still exist, for the most part, modern-day hacking is a monetary affair.
It may seem strange, but the presence of cybercriminal group hacking is proof positive that cybercrime has become a business – and a very lucrative one at that. Think of these hackers as the online equivalent of organized crime, with all the fear and intimidation that image brings to mind.
In this type of hacking, a group of lone actors will band together to execute a specific attack. If the victims can be extorted, the members of the gang will split the proceeds and go their various ways.
In other cases, the gang of hackers may be more permanent, staying together to pull off attack after attack, draining the funds of their victims in the process. These groups tend to use specific tools to perpetrate their crimes, and may act in a similar manner to the nation state actors outlined above.
The appropriately named REvil organization is widely known, and surely the most successful of these organized criminal hacking gangs. You may remember the name REvil from the ransomware attacks the gang pulled off, including intrusions into the payment systems of the Colonial Pipeline and extortion attempts on JBS and other large, well-capitalized companies.
A Misplaced Sense of Justice – The Hacktivist Community
Believe it or not, some hackers actually think they are doing good, and they often band together to perpetrate a twisted, if earnest, type of justice. Some of these so-called hacktivists are motivated by social issues like racism and climate change, while others target their hacking efforts toward specific companies or industries they believe are doing wrong.
The group known as Anonymous is perhaps the best known example of a hacktivist group in action. Some consider this rogue band of hackers heroes, while others portray them as villains. Like most topics, perspective often comes down to an individual’s position and point of view, but there is no doubt that these hacktivists can be dangerous and should be taken very seriously.
Why Do They Do It?
From the lone hoodie-clad computer nerd in the basement to the state actor in a secure government building, a common question is why they do it. As with so many things in life, there are many different answers to this question, but we’ll take a look at the most common reasons.
The simplest answer is money and financial gain. Hackers stand to make a great deal of money if their attacks are successful, and many hackers earn a full-time income through their nefarious deeds.
These hackers know that in the internet age, there is nothing more valuable than data.
Consider a pharmaceutical company that has spent millions of dollars developing a new drug, and the gain hackers would receive if they were able to infiltrate their systems and steal their secret formulas. This is just one example, but there are countless others playing out in real time throughout the corporate world.
As the global supply chain has been stretched to its breaking point, attacks on this already fragile infrastructure have become increasingly common. It began with the Target breach, perpetrated through the lax security of an HVAC vendor. Attacks continued to target technology providers like SolarWinds and Kaseya. Today, they are wreaking havoc with companies up and down the supply chain.
In the case of SolarWinds, the organization was not the end goal. The SolarWinds hack was a means to an end that resulted in compromising untold numbers of companies around the world. These large-scale attacks, combined with hacktivist groups, create a clear picture of just how dangerous and widespread the world of cybercrime has become.
Hacking Protection Measures
In order to guard against these dangers, you need to take a proactive, layered security approach. This means taking a full inventory of assets and data so you have a baseline to work from.
While cyber security can be daunting to grasp, one of the best ways to begin is by engaging in a Network Security assessment for a detailed summary of vulnerabilities in your network.
Additionally, it is important to identify both authorized and unauthorized devices and software on your network. Some businesses are taking this one step further by implementing the Zero Trust security model.
Proactive hacking security measures should include auditing event and incident logs on a regular basis, something many businesses fail to do. Careful monitoring of hardware and software updates should include the following actions:
- Managing hardware and software configurations
- Granting admin privileges only when absolutely necessary
- Monitoring network ports, services and protocols
- Activating the appropriate security configurations for routers, firewalls and other infrastructure devices
- Establishing a software allow list that only allows the execution of legitimate applications
- Conducting regular vulnerability assessments
- Patching of operating systems and applications
- Updating software and applications to the latest version
- Using sandbox analysis to block malicious emails
- Deploying the latest security solutions
- Detecting potential attacks at their earliest stages
- Using advanced detection tools and techniques, including the application of AI and machine learning
- Training employees and providing ongoing assessment
- Conducting red team exercises and penetration tests
Companies like Ontech are able to automate these tasks and combine advanced AI technology with human-backed checks and balances through managed security services to ensure all your bases are covered.
Defending against hacking and cybercrime is serious business, and you need the right partner in your corner. At Ontech Systems we provide a multi-layered approach to cyber security.
From assessing vulnerabilities, to real-time testing and security awareness training, we will build a comprehensive proactive approach that fits your current budget, goals and future outlook for your organization.
If you would like to learn more about the cyber security defenses Ontech Systems offers, we encourage you to reach out to us online through our free network discovery or by phone at 262-522-5860.