Know Your Enemy: Understanding the Motivation Behind CyberAttacks
We area unit usually asked what motivates cyberattacks — why attackers do what they are doing. typically it’s obvious: If an information breach yields credit and charge account credit details that area unit then oversubscribed on the Dark Internet, profit is sort of clearly the motive. Then again, a noticeable motivation like cash will be a smokescreen activity a unique, deeper motivation for the associate attack.
What’s the Motivation for Attackers?
The single greatest inducement for cyberattacks in today’s world is, arguably, profit. It comes as no surprise that crime is calculable to become a $2.1 trillion downside by 2020 — and there’s no shortage of attackers United Nations agency desire a share of the pie.
Methods of attack that result in financial gain abound. Cybercriminals use money malware like Carbanak, Dyre, Dridex, Rovnix, and Shifu to steal funds directly from victims’ bank accounts. Or they extort cash from victims through ransomware like Cryptolocker and Tesla. Another profit-motivated attack is extortion by distributed denial-of-service (DDoS) attacks, that have an adult in quality over the previous couple of years.
Retailers, each on-line and physical, face a heavy threat from profit-motivated attackers United Nations agency area unit once the user and money dealings details. Such attacks will involve malware that targets location (POS) systems.
It’s Not continuously regarding cash
But profit isn’t continuously the motive for a crime. as an example, a non-public company that develops technology for the military will be the target of business spies. in danger is sensitive info that might have a military, economic and political price to the offender or to the attacker’s paying client. during this case, attackers can be state-sponsored or a for-profit criminal cluster functioning on behalf of a state or maybe a company entity.
Organizations that run industrial management systems (ICS) — power firms, chemical firms, water systems, and therefore the like — can be the target of attackers intended by sabotage. These cybercriminals successively will be intended by underlying political, patriotic, or ideologic beliefs.
Vanity, Revenge, Outrage and additional
There also are additional personal — or additional vindictive — reasons to elucidate why attackers do what they are doing. firms or people will be the target, and therefore the consequences will vary from annoying to downright dangerous.
Who is probably going to plan you? resolve additional regarding what motivates attackers and what you’ll be able to do to cut back your risk by reading the IBM X-Force analysis paper “Know Your Enemy.”