When we talk about cyberattacks, we often look at the risks posed to a firm and what an attacker can do to them. It’s time to do a 180 and look at the “why” behind the attack. Why do attackers do what they do? Their motives have a significant influence when it comes to the methods they choose to execute attacks.
Knowing the other side of an attack allows us to understand the thought process and methods of a cybercriminal completely. With this “insider” knowledge, you can gain a leg up on the dozens of “what-if” scenarios that may be waiting for you down the road.
Thinking like a cybercriminal is critical for users as it allows us to gain insight at what exactly is motivating an attack. Not every cybercriminal has purely financial motivations. Instead, there are multifaceted reasons for cyberattacks. Other motives can include:
- Gain access to intellectual property or additional protected information
- Halt production or make an adverse reaction that hurts customers
- Aid a friend within the attacked company that has ulterior motives
- Takeover a site to broadcast a political message to a broader audience than normal
- Collect environment details in an exploratory attack for a future takedown
The motivation that an attacker has will help dictate the methods that they employ to execute their attack. Often there is more than one motive for an attack, which means that the methods used to attack will always be growing. The most successful attacks use multiple ways to gain the information/outcome that they would like, so it is essential to understand what methods are available. There are a countless number of techniques that cybercriminals employ (and the list keeps growing) but here’s a list of the most prevalent attack methods:
- Develop and register a plausible domain name and then send phishing emails that can bypass filters
- Filling a USB device with malicious files that are disguised as “attractive” files and dropping device near targets
- Build an understanding of the structure of the organization such as employee groups, promotions, and major news about the company
- Use text-based messaging to gain access and build trust with an employee outside of typical detection methods
- Employ voice-based methods to create an “off the record” and potentially damaging conversation with employees
Being able to understand the potential “what if” scenarios that an attack may employ provides users with an immense advantage. Having this knowledge can only be obtained through understanding both the motives and methods of cybercriminals. Hands-on learning and testing allow users to not only gain visibility into the people, process, and technology layers but also visibility from the attacker perspective.
To ensure maximum protection from attacks, use technology that companies have developed for the sole purpose of educating users and preventing these attacks. Products such as Barracuda PhishLine allows users to see firsthand the newest attack techniques. In learning about these latest attacks, they gain knowledge about the warning signs that can help them stop email fraud, data loss, and brand damage. Education is key.
Want to see if you have a basic understanding of cybercriminal attacks? Thanks to our friend at Barracuda, you can put your phishing knowledge to the test.