CYBER SECURITY
Get the attacker’s view on your cyber defence Steve Benton, BT Deputy CSO, GM Cyber and Physical Security Operations and Programmes, shares his insights on the five core aims of cyber attackers - and the multi-layered defence approach that could stop them targeting your business.
I
’ve been talking to hackers, to get into their mindset so I can work out how best we can help businesses protect their end users and sensitive data. And the first thing that comes out is that, generally, a cyberattack is nothing personal; you’re not being specifically targeted. Most phishing, ransomware or vulnerability scanning attacks out there are widespread sprays, hoping for a pay-out. It’s a numbers game; test the defences of enough organisations and you’ll find one that will let you in. It’s like walking down your main shopping precinct and having a flyer thrust into your hand - you’re a target, but you’re not being specifically targeted. Most people will bin the flyer without reading it, but a few will read and act upon the information, bringing in enough return to make the whole flyer operation profitable.
30
So, if it’s rarely personal, why do hackers attack? What’s in it for them? By understanding the level of investment they’re willing to make and the danger they’re willing to risk, we have a better chance of disrupting their operating model or putting a stop to it altogether.
The five core ‘wants’ of cyber attackers My research unearthed five main elements attackers are looking for. Once you understand them, you have the basis for a robust defence strategy. You can filter an attacker’s wants into the following: #1 Your bandwidth They want to use your networks and IT for targeted attacks against others or as part of their DDoS attack infrastructure. #2 Your money This can take many forms, from mining bitcoin through to extortion or
SECURITY FOCUS AFRICA NOVEMBER – DECEMBER 2020
manipulating your stock price. A whaling attack could trigger fraudulent money transfers, or they could steal funds through capturing credit card and banking details. #3 Your data Attackers can monetise your data through extortion, with or without ransomware, either threatening to delete or leak your data. They can also obtain funds by stealing your intellectual property. #4 Your storage They might need somewhere to store something illegal and/or non-attributable on your systems. Think pirate software and illegal images. #5 Your identity Although your identity may well only be worth pennies if harvested and sold on, it might bring in a greater return if used in attacks against your social network or employer. Think whaling.
securityfocusafrica.com
