The illegal activities of hacktivists and nation-states receive massive amounts of media attention. When speculation began that a breach was caused by the North Korean government, media coverage of the breach exploded. That is because the concept of cyberwar and cyberterrorism is both fascinating and terrifying.
Enterprises that suffer a breach often claim they were victims of an advanced persistent threat or targeted attack — because no company wants to admit it was breached through an easy-to-find-and-mitigate vulnerability. However, that is more often than not the case. The Verizon Data Breach Investigations Report states that web applications are the number-one attack vector — yet most enterprises don’t even know how many applications they have! So, while acts of cyberwar/terrorism and hacktivism receive a great amount of attention from the media, it is really those who are motivated by good old-fashioned greed that enterprises need to watch out for — and no one is more motivated than cyber gangs.
Cyber gangs are crime syndicates that buy and sell vulnerability information and malware. Although their methods aren’t always sophisticated, they tend to be effective. Because their motivation is purely financial, they don’t care who they breach or how. They target the path of least resistance and look for a vulnerability that can be exploited at as many enterprises as possible at once. This is why vulnerabilities in widely used open source components can be so damaging. Once, their main goal was to steal personally identifiable information so they could commit identity theft. They would sell this material on the black market. Then they moved on to stealing credit card data, which they would again sell on the black market. Either way, consumers suffered. Now we are seeing cybercriminals stealing money directly from banks.
So the question is, how do you protect against financially motivated hackers? To start, make sure you are covering the path of least resistance. Make sure you have a secure software development lifecycle and a third-party application security program, and that you are securing your web applications — the attack vector the 2014 Verizon Data Breach Investigations Report says makes up 80 percent of breaches.
Cyber gangs are an interesting group, and understanding their motivations, tactics and tools can go a long way to help you better secure your enterprise. On March 26th, Veracode’s Phil Neray will delve into the inner workings of cyber gangs during a presentation at the SC Magazine eSymposium on “How Criminal Gangs Work.” You can register for the event here: https://engage.vevent.com/index.jsp?eid=474&seid=11296&code=WebappSCW