Cyber-attacks are hitting the headlines on a daily basis and a lot of effort goes into both preventing them and dealing with the consequences when they have happened. Understanding the motivation behind attacks can help organisations understand more about the risks they face so that they can tackle them.
So why do cyber-attacks happen?
1. For financial gain
This is the most likely reason an organization get attacked. Criminals are looking to gain financially in three main ways:
Data breaches to feed identity theft. Third-party fraud is fuelled by identity theft, and breached data gives criminals the information they need to take over someone’s identity. In the UK the CIFAS Fraud Scape 2016 highlighted a 49% growth in identity theft over the previous year.
Criminal gangs are well-organised and operate on a commercial basis – there is a supply chain, those that steal data are unlikely to be the same criminals who commit the identity theft and fraud. The dark web provides a market place for stolen credentials – with those that have stolen personal data selling it on to those who wish to commit fraud.
Cyber-attacks with financial demands. A modern take on blackmail, this can affect organisations of all sizes as well as individuals. There are many variations — for example, hackers takeover a victim’s computer and freeze it, they then offer to reinstate access after a ransom has been paid. Another variation lead to a recent case where guests at a hotel in Austria were prevented from entering their rooms until a ransom had been paid – the hotel is reportedly removing electronic locks accessed with cards and reverting to old-fashioned keys!
Attacks to perpetrate a direct fraud on a business. This type of attack usually involves the diversion of funds from their legitimate destination to a fraudster’s account. Criminals use techniques such as phishing and vishing to tease out enough information to enable them to mount an attack. They then access email systems and send emails that look legitimate but aren’t. A variation of this attack is invoice fraud when an email is received that looks like it is from a legitimate supplier and is advising of a change of bank account details – unfortunately, the bank account details supplied are those of a fraudster. This kind of fraud often combines elements of cyber-attack with offline elements such as social engineering.
2. To make a political or social point
Hacktivism involves breaking into a system for political or social reasons. Until relatively recently, this was seen as the domain of underground organizations such as Anonymous. The recent US election has put focus on the role that governments might play in furthering their aims through hacking a