HR Jetpack

What are Attackers After?

Lesson Content

Before you consider how to defend yourself, it’s crucial to start by understanding the mind of the attacker.

Cybersecurity expert and New York Times bestselling author Brian Krebs compiled a list of “Immutable Truths About Data Breaches”. They are as follows:

  • If you connect it to the Internet, someone will try to hack it.
  • If what you put on the Internet has value, someone will invest time and effort to steal it.
  • Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.
  • The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.
  • Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.

With these tenets in mind, attackers’ methods usually follow one of two primary courses of action: attacks tend to be either broad or targeted.

Attacks that target a broad range of victims are quite common and likely to make the news because of their sheer scope. In the fall of 2016, Yahoo announced two separate data breaches. The first involved 500 million accounts and occurred in 2014; the second disclosure stated that 1 billion accounts had been compromised in 2013.

In 2015, the U.S. Office of Personnel Management, which is the federal government’s HR department, reported two major breaches of its employee databases, both of which had occurred the previous year. Its systems held a great deal of sensitive information on at least 22.1 million people. This included not just federal employees and contractors but also their families and friends.

Attacks like these are made possible by finding vulnerabilities in companies or systems that hold large databases of user information. For example, in one of the attacks on Yahoo the thieves are believed to have accessed names, email addresses, telephone numbers, dates of birth, hashed passwords, and encrypted or unencrypted security questions and answers for 1 billion accounts.

When attackers go after such a large number of targets at once, they often don’t know what they are going to find. The contents of any individual account matter little to them, because their aim is to turn around and sell the data in bulk.

If broad attacks are like fishing with a net, then targeted attacks are like fishing with a spear. Targeted attacks are less common, but they are the approach of choice against high-value targets. Celebrities, CEOs, and political figures are commonly singled out in this way. Targeted attacks typically do not go after large networks or systems; instead, they try to manipulate people through social engineering. Spies and con men used these methods long before the internet, but they now have a technological twist for tricking people into handing over critical information or access.

Regardless of the approach, attackers have a clear motivation behind their attacks. The most common is financial gain; political gain, fame or recognition of one kind or another, and harm to the target’s reputation are also typical motivators.

Consider everything an attacker gains by compromising a computer. Your computer often has automatic or saved access to your email, social media, banking, or other personal data. Your machine may also hold virtual goods such as software or operating system license keys. You may have confidential or proprietary information on your hard drive. The computer could be remotely controlled to host illicit content on the web, launch email attacks on your contact list, or join a larger network of compromised devices (a botnet) used to launch large-scale attacks.

Similarly, your email account has tremendous value, especially for HR professionals. If you send any type of employee information to a manager, senior leader, or even another HR manager in your organization, that information is exposed to anyone who gains access to your mailbox. For instance, you may send a copy of an offer letter containing new-hire data to someone involved in making the hiring decision. You might even email the letter to the prospective employee.

Beyond the personal and professional data and your contact list, your email account is typically tied to your ability to log on to third-party websites, apps, and services. If an attacker controls your email account, they can not only access those accounts but also reset your passwords and lock you out of your own accounts across the web. Just imagine if you couldn’t log into your Talent Management system. In the big picture, if your email account is compromised, then so is the rest of your digital life.
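The password-reset dependency described above can be written down and measured rather than just imagined. The following Python script is an added illustration for this lesson, not code from the course or its author: it models a constructed inventory of accounts, records which account each one uses for password recovery, and computes the "blast radius" of losing any single account, the set of accounts an attacker could take over by chaining resets from it. All account names and recovery relationships are hypothetical sample data.

```python
from collections import deque

# Constructed sample inventory (hypothetical, not from the lesson).
# Each entry maps an account to the list of accounts that can reset its
# password. Any one of the listed accounts is enough to trigger a reset.
RECOVERY_PATHS = {
    "work-email":     [],                        # no reset path modeled here
    "phone":          [],                        # SMS recovery, no reset path modeled
    "personal-email": ["work-email"],            # recovery address is the work mailbox
    "talent-mgmt":    ["work-email"],            # reset link goes to the work mailbox
    "payroll-portal": ["work-email", "phone"],   # reset by email OR by SMS code
    "social-media":   ["personal-email"],        # reset link goes to personal mailbox
    "bank":           ["phone"],                 # reset by SMS code only
}


def invert_paths(inventory):
    """Map each account to the set of accounts whose password it can reset."""
    resets = {}
    for account, paths in inventory.items():
        for path in paths:
            resets.setdefault(path, set()).add(account)
    return resets


def blast_radius(inventory, compromised):
    """Return every account reachable by chaining password resets from one
    compromised account (the compromised account itself is included)."""
    resets = invert_paths(inventory)
    reached = {compromised}
    queue = deque([compromised])
    while queue:
        current = queue.popleft()
        # Every account that accepts a reset from `current` is now takeover-able.
        for dependent in resets.get(current, ()):
            if dependent not in reached:
                reached.add(dependent)
                queue.append(dependent)
    return reached


def single_points_of_failure(inventory):
    """Rank accounts by how many other accounts fall if they are compromised.
    A defender uses this list to decide where to add a second factor or an
    alternate recovery method first."""
    ranking = []
    for account in inventory:
        fallout = blast_radius(inventory, account) - {account}
        ranking.append((len(fallout), account))
    # Largest blast radius first; ties broken by name for stable output.
    return [name for count, name in sorted(ranking, key=lambda r: (-r[0], r[1]))]


if __name__ == "__main__":
    for root in ("work-email", "phone", "bank"):
        print(f"lose {root!r}: {sorted(blast_radius(RECOVERY_PATHS, root))}")
    print("protect first:", single_points_of_failure(RECOVERY_PATHS))
```

In the sample inventory, losing the work mailbox hands over the personal mailbox, the Talent Management system, the payroll portal, and, through the personal mailbox, social media, which is exactly the cascade the lesson warns about. The ranking function turns that into a prioritized list: the account at the top is the one that most needs a second factor and a recovery path that does not loop back into the same mailbox.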

An individual’s personal or work devices and email account can be worth tens of thousands of dollars to an attacker. If that account or device gets the attacker into the company’s network and data, it can be worth millions.

Instructor: Michael Wilson

Michael Wilson works with small businesses to build and protect their brands online. He is an IT Generalist whose primary services include: Web Design & Development, Cybersecurity Consulting & Training,...