Cybercriminals focus on companies: As digitization progresses, the volume of data in the economy will multiply in the future. These are particularly tempting targets for hackers or blackmailers.
The legislation has therefore ensured that data protection also enjoys a high priority in digital data processing. In addition to protecting trade secrets, companies must give high priority to the security of personal data. Violations of the GDPR can have particularly serious consequences: If there is a loss of data, those affected must be informed. In addition, such a security incident can be fined by the supervisory authorities. The law demands nothing less from companies than constant ability to provide information and constant, reliable control over all the data they process.
Company data is worth real money
However, the growth in data traffic has unearthed another industry that has set itself the task of thwarting those plans. With digitization and global networking through the Internet, all data of every company is - theoretically - accessible to unauthorized persons. This has created a large international black market for data and has contributed to cybercrime becoming more professional. The motives and strategies of cyber criminals targeting corporate data are diverse. Here some examples:
Job hack
Cyber criminals use their skills to serve paying customers with bad intentions. The motivation behind this is usually industrial espionage or a damage campaign against competitors. Individual services, such as hacking a certain cell phone, can already be booked on the Darknet on a fixed price basis.
Collecting valid data sets
There is usually a direct interest in turning them into cash as quickly as possible, either through resale or own abuse. This applies, for example, to credit card or bank details.
Collection of data sets for further use
Captured data does not necessarily have to be complete - personal data is valuable because it can be resold in a collected form. The customers, in turn, can use these to set up further spam campaigns. An authentic company letterhead or the names of actual employees can be extremely useful in the event of further attempts at fraud for other targets. It is also conceivable that incomplete data records, for example email addresses, are initially left there until they can be completed by hacking or purchasing additional data.
Blackmail using ransomware
With an infiltrated malware, important data records of a company are encrypted. The decryption algorithm is supposedly provided after paying a ransom in the form of a link to a C&C server. We strongly advise against making the payment, as it is by no means certain whether the criminals even have decryption software or whether it can be successfully downloaded by those affected. It also remains unclear whether hackers also duplicated and stolen records during the ransomware attack.
Regardless of the industry, the manufactured product, the service offered or the size: Just being a “digital data processing center” makes companies a generally interesting target for hackers.
Keeping up with a diffuse threat
In an effort to obtain the most lucrative data yield possible with a hack, cyber criminals have concentrated in recent years primarily on "big fish" such as banks, insurance companies, energy providers, retail chains or gaming platforms. As a result, a digital arms race developed: Companies with high brand awareness or critical infrastructures increased their defenses with increasingly sophisticated IT security mechanisms, while the attackers further developed their techniques accordingly.
Tom Haak, managing director and co-founder of Lywand (Photo: Lywand).
The chances of success for cyber criminals in such highly equipped companies are now significantly lower. But the maturity of their attack techniques opens up opportunities to compensate for the lost prey in high-profile targets through broad campaigns. Hackers are therefore increasingly looking for their victims in the periphery - in companies that are still in a rather early stage of their digitization and whose IT security standard is even lower, including, for example, craft businesses, hotels or smaller, owner-managed shops. They also meet the legal requirements of data protection. In times when data was still stored in files and EDP systems were not yet connected to the Internet, one could be relatively certain that data was safe: it was in PCs, in locked filing cabinets in a building where only authorized persons had access and which was monitored by a porter or even a security service. The degree of control over the data and the perceived security should have been extremely high in such scenarios.
The security of IT security: checks can help
Unfortunately, this approach cannot be fully transferred to IT infrastructures. There is basically the possibility that unauthorized persons have gained access or have fished data. So does the fact that no irregularities are noticeable actually mean that nothing has happened? Or could data have been stolen without being noticed? Even assessing how likely such an incident would be is a complex undertaking for companies. You are faced with a diffuse threat of different intentions and other unknown variables. Why could cyber criminals attack the infrastructure? Is there anything that should be of particular interest to you? How well-versed could the attackers proceed? Which attack vectors would you prefer? What damage could the company suffer and how expensive could regulation become in the event of a data security incident?
Can the IT security withstand attacks?
The field of hypothetical attack scenarios is extremely large. In order to be able to assess the security of company data, however, there is ultimately only one central question: is our IT security able to withstand both unspecific and targeted attacks? A security audit can provide answers to this question. The entire IT infrastructure is checked as part of an automated check. Artificial intelligence tests the possibilities of numerous conceivable attack scenarios and then makes suggestions for improvement to close possible gaps. Such software can also determine whether data from the company is already circulating on illegal marketplaces. Companies regain control over the data they manage. You can fully meet your legal requirements as data processors - and you can offer your partners, your customers and yourself something that is becoming more and more important: Certainty about the security measures taken to protect your data.
More at Lywand.com
About Lywand Lywand Software offers a fully automated security review of the IT infrastructure for companies. For IT dealers, service providers and system houses who want to serve the needs of their small and medium-sized customers for IT security, Lywand simplifies the process of advice and product recommendation. Customers receive offers that measurably increase their security. Lywand is headquartered in St. Pölten, Austria.