Why the Average Hacker Doesn't Look Like the Average Hacker
Thu, 14 Sep 2017 10:49
When you imagine a hacker, what do you see? Do you see a genius computer programmer, furiously writing code in a dark room cluttered with gadgets? Most of us imagine someone highly intelligent, if anti-social, meticulously planning attacks that use advanced computer skills to outwit complex security systems. This image is too-often perpetuated by the media, who tend to describe hackers as 'sophisticated' and 'organised', when the reality can be quite different.
Hackers are usually opportunists; they discover a weakness and they exploit it for the most convenient and profitable gain. Many hackers (i.e., those who employed the WannaCry ransomware against the NHS) use off-the-shelf software to conduct their attacks. These hackers simply find the programs they want online and follow the instructions (also available on the web) to transmit their malware across the web.
Hackers may not even target individuals, but instead aim to send their malware to the greatest number of recipients in the hope that one person will take the bait. This is not sophisticated; it's carpet bombing. And while it may seem ineffective from a cost/return perspective, it's important to remember that the malware and the tools to distribute it may cost a few hundred pounds – or it may even be free – so it doesn't require many victims to take the bait for the con to pay off. Even if only 0.001% of spam emails are opened, that's enough to make it worth the hacker's time, given that the entire operation costs pennies and so many organisations don't offer cyber security training to their staff.
Cyber-crime authorities have noticed a new trend in digital crime: young hackers are engaged by organised criminals who lack the technical skills to achieve their goals. These hackers – often just teenagers – may relish the opportunity to test their skills and impress the older criminals. For gangs and members of organised crime, cyber-crime is a lucrative alternative to, say, the illegal drug industry or other black-market activities. Criminals can easily earn thousands without crossing a border … or even leaving home.
Why does this matter? Because misunderstanding hackers can cause us to underestimate their threat. If we imagine that hackers are a select breed of digital masters who plan brilliant attacks against enormous corporations, we imagine that we, as smaller and less significant targets, are safe from their attentions. But if we are aware, more accurately, that hackers are anyone with the will to commit a crime and the ability to use a search engine, then we realise that the threats from hacking are broad and omni-present, and we must take every precaution to keep our data and systems safe, because we are, sadly, as much a target as the largest global corporations.
Ensure your employees are mindful of the red flags of opportunistic cyber-crime with DeltaNet International's off-the-shelf cyber security bundle of courses, which includes full and short-course training to ensure your employees have a full awareness of cyber-security policies and best practices.