HR Jetpack
Home / HR Courses / Cybersecurity 101 for HR Pros / Concepts / What are Attackers After?

What are Attackers After?

This video is premium content

Register or sign in to gain access.

Lesson:

What are Attackers After?

Lesson Content

Before you consider how to defend yourself, it’s crucial to start by understanding the mind of the attacker.

Cybersecurity Expert, and New York Times Bestselling Author Brian Krebs compiled a list of “Immutable Truths About Data Breaches”. They are as follows:

  • If you connect it to the Internet, someone will try to hack it.
  • If what you put on the Internet has value, someone will invest time and effort to steal it.
  • Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.
  • The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.
  • Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.

With these tenets in mind, attackers’ methods usually follow one of two primary courses of action. Attacks tend to either be broad or targeted.

Attacks which target a broad range of victims are quite common and likely to make the news because of their incredible scope. In the Fall of 2016, Yahoo announced 2 separate data breaches. The first involved 500 million accounts in 2014 and the second disclosure stated that 1 billion accounts that been compromised in 2013.

In 2015, the U.S. Office of Personnel Management, which is the government’s HR department, reported two major breaches of its employee databases both of which occurred the previous year. Their systems held a great deal of sensitive information at least 22.1 million people. This didn’t just include federal employees and contractors but also their families and friends.

Attacks like this are possible by finding vulnerabilities in companies or systems which involve large databases of user information. For example, in one of those attacks on Yahoo the thieves are believed to have accessed: Names, Email Addresses, Telephone Numbers, Dates of Birth, Hashed Passwords, and Encrypted or Unencrypted Security Questions and Answers for 1 billion accounts.

When attackers go for such a large number of targets at once, they don’t often know what they are going to find. The contents of an individual’s account are trivial because they are trying to turn around and sell the data in bulk.

If broad attacks are like fishing with a net, then targeted attacks are like fishing with a spear. Targeted attacks are less common, but a critical approach for high value targets. Celebrities, CEO’s, and political figures are commonly in the crosshairs of being singled out in this way. Targeted attacks typically do not target large networks or systems, but rather they try to manipulate people through social engineering. These sorts of methods were used prior to the internet by spies and con men but now have a technological twist for tricking people into giving over critical information or access.

Regardless of the approach, attackers have a clear motivation behind their attacks. The most common is financial, however political gain, fame or recognition of one kind or another, or harm to the target’s reputation are also typical motivators.

Consider all of the benefits an attacker has to compromising a computer. Your computer often will have automatic or saved access to your email, social media, banking or other personal data. Your machine may also have virtual goods such as software or operating system license keys. You may have confidential or proprietary information on your hard drive. The computer could be remotely controlled to host illicit content on the web, launch email attacks on your contact list, or join a larger network of compromised devices to launch large attacks.

Similarly, your email account has tremendous value, especially for HR professionals. If you’re sending any type of employee information to a manager, senior leader or even another HR manager in your organization, it’s vulnerable. For instance, you may send a copy of an offer letter with new hire data to someone involved in making the hiring decision. You might even email the letter to the prospective employee.

Beyond the personal and professional data, and contact list, your email account is typically tied to your ability to log on to 3rd party websites, apps, and services. If an attacker controls your email account, they can not only access those accounts, but also change your password and lock you out of your own accounts across the web. Just imagine if you couldn’t log into your Talent Management system. In the big picture, if your email account is compromised, then so is the rest of your digital life.

An individual’s personal or work devices and email account can be worth tens of thousands of dollars to an attacker. If that account or device gets the attacker into the company’s network and data, it can be worth millions.

Michael Wilson

Instructor:

Michael Wilson

Michael Wilson works with small businesses to build and protect their brands online. He is an IT Generalist whose primary services include: Web Design & Development, Cybersecurity Consulting & Training,...

Michael's Full Bio

HR Courses

Human Resources Training Programs

Self-paced HR Courses

The following HR courses are self-paced (asynchronous), and qualify for both SHRM and HRCI recertification credits. These courses are included in the HR Recertification Subscription.

Effective Disciplinary Action Policies and Procedures

Duration: 1 hr 1 min
SHRM: 1.0 PDC
HRCI: 1.0 General

Liz LaForte

Liz LaForte

RFP Process for HR

Duration: 1 hr 19 mins
SHRM: 1.25 PDC
HRCI: 1.25 General

Mark Fogel

Mark Fogel

Organizational Ethics for HR Managers

Duration: 1 hr 30 mins
SHRM: 1.5 PDC
HRCI: 1.5 General

Dawn Tedesco

Dawn Tedesco

HR as a Business Partner

Duration: 1 hr 5 min
SHRM: 1.0 PDC
HRCI: 1.0 Business

Scott Pitts

Scott Pitts

Blockchain for HR

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

HR Strategic Planning

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 Business

Hayley Buonopane

Hayley Buonopane

Employee Engagement & Retention

Duration: 1 hr 4 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

HR Metrics That Matter

Duration: 1 hr 16 mins
SHRM: 1.25 PDC
HRCI: 1.25 Business

Christina Danforth

Christina Danforth

Finance for Absolute Beginners

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Anna Samorukova

Anna Samorukova

Change Management 101

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Hayley Buonopane

Hayley Buonopane

Labor Relations

Duration: 1 hr 42 mins
SHRM: 1.50 PDC
HRCI: 1.75 General

Matthew Kerzner

Matthew Kerzner

Diversity and Inclusion

Duration: 1 hr 25 mins
SHRM: 1.25 PDC
HRCI: 1.50 General

Christina Danforth

Christina Danforth

HR Analytics

Duration: 1 hr 31 mins
SHRM: 1.50 PDC
HRCI: 1.50 Business

Christina Danforth

Christina Danforth

Performance Management: Development & Deployment

Duration: 1 hr 18 mins
SHRM: 1.25 PDC
HRCI: 1.25 General

Christina Danforth

Christina Danforth

The Role Assessments Play in Talent Management

Duration: 2 hr 5 mins
SHRM: 2.0 PDC
HRCI: 2.0 General

Craig Haas

Craig Haas

AI for HR

Duration: 1 hr 3 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

Compensation 101

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Pamela Sande

Pamela Sande

Effective Leadership Communications for HR Professionals

Duration: 2 hr 30 mins
SHRM: 2.5 PDC
HRCI: 2.5 General

Christina Danforth

Christina Danforth

Recruiting Strategies to Hire the Best Candidate

Duration: 1 hr 6 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Lois Krause

Lois Krause

Cybersecurity 101 for HR Pros

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

EQ Competence: Fostering a Talent Advantage that Drives Organizational Performance

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Craig Haas

Craig Haas

Thinking Lean

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 Business

Christina Danforth

Christina Danforth

Coaching for HR Professionals

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

The Employment Cycle

Duration: 1 hr 45 mins
SHRM: 1.75 PDC
HRCI: 1.75 General

Christina Danforth

Christina Danforth

Behavioral and Situational Interviewing

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Stephanie Legatos

Stephanie Legatos

Dynamic Dialogues

Duration: 1 hr 10 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Stacey Zackin

Stacey Zackin

Employment Law 101

Duration: 3 hr 11 mins
SHRM: 3.0 PDC
HRCI: 3.25 General

Mark Addington

Mark Addington

Thrown to the Wolves: Preparing Your New Leaders to Lead the Pack

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Karen Hinds

Karen Hinds

Introduction to Organizational Development

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Practical Meeting Preparation: Getting Ready for a Productive Meeting

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Succession Planning: Build Your Bench

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Practices for Hiring Successfully

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Team Development: Building Collaboration & Effectiveness

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Leading and Managing the Need for Both

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Coaching: Guiding the Management Team

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Being A Change Agent

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Leading a Multigenerational Team

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Karen Hinds

Karen Hinds

Multi-Generational Workforce: Problem or Competitive Advantage?

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Virtual Reality: The Future of HR

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christina Danforth

Christina Danforth

Unconscious Bias: Impact on Recruitment and Retention

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christina Danforth

Christina Danforth

Business Fundamentals for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Influence and Communications as an HR Pro

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Value Based Decision Making for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Strategic Planning to Support HR Initiatives

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Dr. Deborah Osgood

Dr. Deborah Osgood

Meet in the Middle: Best Methods for Conflict Management

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Economics for HR Professionals

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Business Plans: Why HR Pros Should Care

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Emotional Intelligence: What is it and Why Does it Matter

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Marketing/Selling Continuum (From Idea to Revenue)

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Diversity Equity & Inclusion The Lens We Wear

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Welcome! What HR can Learn from the Field of Hospitality

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Accounting and Financial Reporting for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

How HR Can Establish & Influence a Culture Of Hospitality

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Raising Capital (Who, What, When, Where, Why & How)

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Cultural Competence: Fostering Diversity Equity & Inclusion

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

DiSC Communication Styles: What are They & How They can Help You

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Effective Meeting Facilitation for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Best Practices in Providing Effective Performance Feedback

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti