Many of you may have noticed the perceived upswing in cybercrime and hacking. At a high level, these attacks can be traced to several different groups. Some of these groups include hacktivists, organized crime, and nation state hackers. What’s interesting to note is that each group represents a unique threat. Just consider the following:
Hacktivists typically want to make a statement or raise awareness for a cause. While they may target specific sites, some victims are simply targets of opportunity. When they hack a company, they are quick to boast about their successes.
Organized crime is a different threat in that it’s geared toward money making activities. Personally Identifiable Information (PII) and other data that can be used to generate revenue are typically targeted.
Nation State Hackers
Finally, there are nation state hackers; these individuals don’t discuss what they have done. This threat seeks to gain access to and potentially modify source code repositories and proprietary information at high tech, security, and defense contractor companies. These assets are much more valuable than any financial or personally identifiable data.
Defending against each requires specific defenses and safeguards. It also requires you to perform a proper risk assessment to determine the real threat. Is this something your company has done?