Social Hacking, Cyber Espionage and Co.
Identity theft, fake website fraud, and encryption of data for ransom blackmail are just a fraction of the ways cybercriminals can cause businesses great difficulty. To find out what hackers can do and what they want to achieve, click here.
Cybercrime will play an increasingly important role in the future. Especially for companies. And only those who know their adversaries can better protect their companies. This makes it all the more important to know the technologies used by attackers and to understand how they work. In Germany alone, attacks run into the high six-figure range every day - and the trend is rising. The speed at which attacks are carried out and the focus of the attackers are changing. For example, at 190 GBit per second, it is no longer just operating systems or browsers that are attacked, but also chips, processors and surveillance cameras, among other things.
Human error, outdated hardware and lack of updates
Factors such as outdated software, human error, outdated or insufficient hardware, and failure to perform updates often make it easy for hackers to successfully carry out an attack. In 2019, the Hasso Plattner Institute analyzed nearly one billion user accounts as part of a study on password use, all of which were legally and freely available on the Internet due to data breaches. It found that 20 percent of users use identical passwords for different accounts or change them only slightly. The most shocking result was that the number combination 123456 was identified as the most frequently used password. Anyone who thinks that easily decipherable passwords in the private lives of employees are not a problem for their own company is mistaken. Many employees bring their private devices into the company network. If these are not sufficiently secured, hackers can quickly gain access to internal company data. But which attack options are available to cybercriminals at all? Five are then presented.
Factors such as outdated software, human error, outdated or inadequate hardware, and failure to execute Phishing involves, for example, falsifying e-mails, blogs, or entire company websites. The goal is to get users to reveal their data. Since they think it is the original website, they disclose it. Retrospectively, this can cause damage to the companies concerned, as users no longer trust them and do not want to provide private information. Reputation can drop enormously as a result. In addition, the cybercriminals gain access to a lot of private information this way.
2. social hacking
In social hacking, it is not the systems that are the target of the attack, but the company and its employees. This can happen through e-mails, for example. Covert attacks via social hacking are often carried out over a long period of time. The goal of the hackers is to disguise the hacking attack due to the large time span, as users are less likely to become aware of it this way. To reduce the risk of social hacking, it is important to sensitize employees to the issue so that they recognize potential attack attempts and react accordingly. Read our article 8 Measures to Protect Against Cybercrime - These are the security precautions every company should take.
3. Denial-of-Service- (DoS) und Distributed-Denial-of-Service-Angriffe (DDoS)
In a denial-of-service attack, systems are deliberately bombarded with so many requests at once that they can no longer handle the tasks. It's like more and more people throwing you a ball, so that at some point you are no longer able to catch them all. If such an attack is carried out in parallel by a very large number of host computers on which the attacker has installed malware, the process is dubbed a DDoS attack. Attacks of this type result in, for example, a website being inaccessible, customers not being able to order, etc.
When we talk about randsomware, we mean a type of extortion. In this context, for example, hackers infect the computer with a malware that encrypts all files. The data is only decrypted again after payment of a set sum. For companies, this poses several problems. On the one hand, they guarantee their customers that they will handle their data responsibly and securely, and they cannot keep this promise. On the other hand, they need the data to be able to work themselves.
5. cyber espionage
Classic spying to obtain information is on the rise. Digital industrial espionage costs the German economy at least 50 billion euros a year. In the past ten to 15 years, there has been an enormous professionalization of attacks on computer systems and networks. Anyone who thinks that small and medium-sized companies are not affected by problems of this kind is mistaken. Current studies repeatedly show that even companies of this size are not protected against cyber espionage.