Cybersecurity Threats Part 1: How a Hacker Hacks

By: Kim Ellery | 12/27/2018

Cybersecurity is far from clear cut. There are many different approaches to protecting data and seemingly countless technology tools. Truth be told, a little luck helps sometimes too. One tried and true strategy is to learn from the organizations who have already fallen victim to hackers and their antics. Unfortunately, opportunities for lessons learned are many.

In the last couple of years, a few mega breaches stand out. In 2017, we saw the data of 147 million Equifax customers compromised due to criminals conducting a drive-by download. A vulnerability in the company’s web server allowed intruders to map to a credit dispute portal server, gain login credentials, and compromise 51 other servers. Data extraction went on for more than 76 days.

In 2016, the dating site, AdultFriendFinder fell victim to an underground Russian hacking group who, as in the Equifax example, successfully exploited a web server’s vulnerability and compromised 412 million user accounts. In 2013 and 2014, Yahoo was also attacked by Russian hackers who went on to compromise over 3 billion users. The FBI was brought in and their investigation into the incident spanned two years.

Cyberattacks happen every day to organizations of all sizes, across every industry. The Verizon 2018 Data Breach Investigations Report (DBIR) breaks out cyber threats in nine categories and this year, the most common is web application vulnerabilities.

Malware, Phishing and Ransomware – oh my!

For maximum financial gain, hackers rely heavily on malware. According to the DBIR, 92 percent of malware is delivered by email. One report says costs to businesses from email scams has hit the $9 billion mark. Another report says phishing attacks have increased 297 percent over last year. It’s clear that there’s a lot to gain financially from exploiting organizations’ vulnerabilities.

In recent years, the use of ransomware has spiked significantly. Payments to criminals to unlock files reached $2 billion in 2017 – doubling the payouts in 2016. The average ransomware demand grew by 266 percent increase over the year before. Today’s payments average about $1,000, and most hijackers want you to pay in bitcoin.

With all these stats trending in the wrong direction, the hackers craft is becoming more lucrative, increasing their incentives and ultimately probability of successfully breaching your organization’s sensitive information. Which means that it is vital that you strengthen your defenses and have a rock-solid incident response plan. While cyber criminals continue to get more innovative, one thing that never seems to change is their ability to find new, increasingly severe ways to disrupt your business and steal your data.

Gain control of your asset intelligence with Absolute

In the second part of this post, we’ll look at how to make it harder for cyber criminals with a checklist of cybersecurity best practices. If you’re thinking about New Year’s resolutions, implementing security best practices should be at the top of your list. In the meantime, consider checking out our webcast, Cyber Threat Checklist: Are You Prepared with SANS Institute.


Financial Services