According to Routine Activities Theory, which is one of the four major victimology theories, the crime occurs when a motivated offender and a suitable target are present while capable guardians are absent. These three elements must converge at the same time and in the same environment. This theory suggests that a motivated offender will act upon the suitable target when there is nobody that can prevent the crime from happening. Thus, we can say that a burglar can sneak into a house, where nobody is present, to steal valuable goods.
The Suitable Targets
If we apply this theory to the cyber world, the environment and the time limits are no longer an issue due the structure of the cyber world. So, regardless of the size or sector, all businesses are targets for cyber-attacks. Cyber-attacks occur when a motivated hacker detects a target that has no appropriate guardian or cyber security system in this case.
What Motives Hackers to Infiltrate…
There are many reasons behind a cyber-attack. From hackers’ point of view, they have many desires and motivations behind their actions. These can be categorized into three main sections for better understanding.
This is the most common reason that initiates a cyber-attack. The hackers usually want to earn money as easy as possible. Thus, they usually follow three main ways to achieve their objectives.
- Hackers infiltrate into your network or database to steal the information that you create and store to do business. This information could be related to your customers or products. This kind of data breach is usually unnoticed because hackers aim to steal the information periodically. Once the information is taken, they can either use the information for identity theft and fraud or they can sell it to other third parties for the same reason.
- Hackers can lock your computer or encrypt your files and demand a ransom to restore it back. Once they are in your computer, they execute a malicious software called ransomware that leads you to a stalemate. This malware informs you that your computer is locked, or that your files are encrypted, and you have only one way to recover them: paying the ransom they want. At this point, even if you pay the ransom, there is a chance that your files will stay locked forever or you can be targeted again with the same ransomware.
- Instead of selling the information, hackers can change the information within the company, so they can attack to perpetrate a direct fraud on a business. In this attack pattern, hackers usually aim to change the destination of a payment. They can send a fake email, which looks legitimate, on behalf of a supplier that advices about changed bank details. Once it is changed, the money goes to hacker’s account rather than the supplier’s account.
It means infiltrating into a system or a network to make a political or social point. Hacktivists can interrupt or stop their target’s normal activity with Denial of Service (DoS) attacks. Governments and political institutions are often targeted by DoS attacks. They can also look for information to damage their targets’ reputation. After the data breach, the information usually ends up on Wikileaks.
Some hackers love to challenge themselves to prove themselves in their community, to have an adrenaline rush or both. They may not have criminal intentions. For example, white hat hackers hack into institutions’ network with an authorization to find out the weaknesses. However, inexperienced hackers may damage the system and create new weaknesses or back doors in the network for those who have criminal intentions while challenging themselves.
Hackers may have other motivations as well as getting revenge, gaining a commercial advantage or more complex ones…
While a motivated hacker can attack your business from the outside; insiders, such as employees and business partners, can also attack or assist the attacks that target your business. In fact, many cases of security breaches occur due to misuse of corporate IT systems by an insider. An insider can be motivated, careless or negligent.
Even if your business has a sufficient cyber security system, insiders often open your business up to cyber risks. An insider can:
- open spam e-mails,
- click on suspicious links,
- share confidential information on social media,
- install unauthorized software,
- keep confidential information on portable device and leave it unattended,
- use personal e-mail account for business,
- download pictures, videos and audios,
- use unsecured devices to access a company’s network…
The Capable Guardian
A business must be protected from both outside attacks and inside negligence. An antivirus or anti malware software can protect your business from outsiders but it won’t control insiders. Even if the software offers very solid protection, without required policies that controls the insiders, there will always be back doors for hackers. That’s why traditional anti-virus solutions do not work in the corporate network protection.
As an advanced corporate network protection software, Zemana Endpoint Security offers antimalware, anti-ransomware, anti-phishing and anti-keylogging protection. In addition to its real time multilayered defense and machine learning capabilities, Zemana Endpoint Security controls insiders and prevents negligence within the company. It restricts them via its content control mechanisms, such as URL and keyword filtering, application blocking and device management. Thus, Zemana Endpoint Security won’t let insiders open your business to cyber risks.