Cybercriminals may have more technical knowledge than the average thief, but their strategies are not much different. The average thief looks for targets that are easy to rob and offer the least potential for them to get caught. For that reason, robbers tend to avoid houses with dogs or lots of alarms. That doesn’t mean these houses can’t be robbed; it just means the risks versus rewards associated with robbing that particular house make it less likely.
The same scenario plays out with IT security. When cybercriminals detect that a lot of well-managed IT security is in place, their first instinct is to go look for easier prey. They may wonder what’s behind all that security, but hacking through multiple layers of IT security defenses is too costly and time consuming for the average hacker to make the effort. Just like everybody else, most criminals have monthly expenses they need to cover.
Unfortunately, these criminals are getting more adept at end-running IT security technologies. Instead of hacking into systems, the most common way to breach an IT environment is through phishing attacks that trick unsuspecting users into giving up passwords and other forms of personal data. The most common forms of phishing attacks involve email attachments that trick users into downloading a file loaded with malware. Modern malware attacks are particularly nasty because the malware often includes encryption software that makes it impossible for victims to read their own files. These “ransomware” attacks usually require the organization to pay a fee using some form of digital currency such as Bitcoin to get the keys needed to decrypt their files. Not only are these types of attacks on the rise, the fees are starting to climb into the tens of thousands of dollars.
Because these attacks rely on social engineering techniques to fool end users into manually bringing malware into their environments, there is no effective IT security defense against them. Savvy IT organizations are now backing up their files to make sure they at least have a pristine copy of them. Should their files get encrypted, they can recover them without having to pay a ransom. The trouble is that most organizations today are not especially rigorous about regularly backing up their files.
This situation is likely to get worse. It doesn’t cost much to launch a phishing attack. From the perspective of the cybercriminal, the return on investment on these types of attacks is high. About the only thing an organization can do to defend itself is invest more in training employees to recognize a phishing attack. That’s why initiatives such as National Internet Safety Month are so important.
But even the best trained employees can slip up. Cybercriminals, for example, will craft an email that is aimed at a specific employee. This email will include a lot of personal detail garnered from social media sites and other resources that allow the cybercriminal to trick the victim into thinking the email is legitimate. Before many people realize it, they are downloading a piece of malware that will disrupt the organization for weeks to come.
While there may be no such thing as perfect security, understanding the motivations of an attacker can strengthen defenses.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for Intronis MSP Solutions by Barracuda.