Celebrating 20 Years of Cybersecurity Awareness!
This year marks 20 years of Cybersecurity Awareness Month. The collaboration between the government and private industry empowers everyone to protect their personal data from digital forms of crime. Our collective goals are to enhance cybersecurity awareness, encourage actions to reduce online risk, and generate discussions on cyber threats on a national and global scale. Starting this year, the overall arching theme of Cyber Awareness Month is Secure Our World. We’ve decided that creating cyber awareness once a year is not enough. So, at least once per month, we’ll be posting about topics that elevate cyber awareness.
We often hear that my business is too small and I do not have anything cybercriminals want. This post will delve into why that is simply not true. We will learn about the psychology of a hacker- the who, the why, the what, the when, and the how. Source – Fundera (Nerdwallet.com)
What is Hacking?
<pn>
A generally used hacking definition is the act of compromising digital devices and networks through unauthorized access to an account or computer system. It is not always a malicious act, but it is mostly associated with illegal activity and data theft by cybercriminals.
But What is Hacking in a Cybersecurity Context?
Hacking in cybersecurity refers to the misuse of devices like computers, smartphones, tablets, and networks to cause damage to or corrupt systems, gather information on users, steal data and documents, or disrupt data-related activity.
What do They Want from You??
They want your data!
Data is the most valuable currency in the world.
There is a hacker attack every 39 seconds.
Source: Security Magazine
What Motivates Hackers?
<pn>
There are lots of reasons a hacker looks to target a business or organization. These motivations help determine what they are looking to breach, what they might take, and how hard they will work to succeed. These are the five key motivators that lead hackers to hacking:
As expected, financial gain is the number one motivator for hackers. There are billions of dollars to be gained through cybercrime. Hackers have numerous methods for making money off their exploits, including demanding some sort of ransom from the victim in exchange for breached data, selling the information on the dark web, or directly stealing money from a victim via credit cards, bank accounts, or other financial institutions.
Hackers regularly claim responsibility for high-profile attacks because they want to be recognized for their ingenuity, skill, and achievements. The hacking world is global, and hackers like to play the game of one upmanship.
Hackers join the spy game to further the political aims of a government against its enemies. They focus on critical government infrastructure and companies that serve government interests. They receive government funding to engage in these types of espionage attacks to steal intellectual property. They carry out these so governments can maintain plausible deniability of knowledge. State-sponsored cyberattacks may seek to spread misinformation to affect a nation’s elections and culture, sabotage a military’s capabilities, and create fear amongst the population.
Often hackers have a personal issue with companies they attack. The attackers are often disgruntled employees, vendors or even partners. Revenge is a strong motivation for hacking, with financial benefit or disruption being a byproduct of their anger.
Competitive advantage is a powerful motivator. Some companies will stop at nothing to beat their competitors. Corporate hackers target extremely sensitive data including trade secrets, product designs, research and development and other intellectual property. A hacker’s motivation for this type of hack is typical for financial gain.
“Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business. “
Kevin Mitnick
Types of Hackers
line
There are many types of hackers. For our purposes, we will focus on the three main types, white hat, grey hat, and black hat. While there are many similarities among the different types of hackers, there are also some key differences among them.
These hackers are considered the “Good Guys” of hackers. White hat hackers, also known as ethical hackers, use their hacking skills to break into protected systems to test their security. They find weaknesses in websites and systems to help fix these vulnerabilities so that they cannot be exploited by black hat hackers.
Nothing in life is black and white, and neither is hacking. Like white hat hackers, gray hat hackers expose vulnerabilities in systems and report issues to the owners. However, this type of hacking is illegal because permission was never given. Gray hat hackers often request a fee to fix the issues they find. A little-known fact is that Gray Hat hackers make up most of the hacking community.
Black hat hackers pose the largest threat to the world. Not only do they break networks and systems too maliciously to spread malware, steal data, modify it, or destroy it, they have created common attacks like ransomware, crypto-jacking, and phishing.
Most people think of a hacker as a lone rogue programmer who is highly skilled in coding. Which picture do you think represents most hackers; A or B?
A
B
If you chose picture B, you are right. While there are certainly rogue lone individuals that hack, hacker groups have become more popular. A hacker group is a group of technically skilled and adventurous computer enthusiasts who can become a powerful weapon and do severe damage.
What Devices are Most Vulnerable to Hacking?
<pn>
The easy answer to that question is anything that can connect to the internet. More specifically:
Smart Devices
Webcam
Router
Jailbroken Phones
“There are now an estimated 17 billion IoT devices in the world, from printers to garage door openers, each one packed with software (some of it open-source software) that can be easily hacked. “
Elizabeth MacBride, CNBC
How Can I Protect Myself from Being Hacked?
<br>
These tips apply to all your devices, whether it is your work, school or personal devices including desktops, laptops, phones, e-readers, and tablets.
1
Use Anti-Malware Protection
Make sure you have a reliable anti-malware product installed on your devices. It can both detect and neutralize malware and block connections to malicious phishing websites.
2
Use a Virtual Private Network (VPN)
By using a VPN, users can safely browse the internet because it hides their location and prevents hackers from intercepting their data or browsing activity.
3
Be Careful What You Download
Only download applications or software from trusted organizations and first-party resources. Downloads from unknown resources can be infected with viruses and malware.
4
Update Your Software
Updating your software and operating systems are both critical to preventing users and organizations from being hacked. Hackers are constantly looking for vulnerabilities or holes in security that have not been patched. Enable automatic updates and reboot your computer when it asks you to.
5
Protect Your Information
Limit what you share with anyone, including on social media. Never share your login credentials, social security number or credit card numbers. Legitimate organizations do not email you requesting that information.
6
Be Careful What You Click On
Hackers love to embed malicious code in attachments and links. Avoid visiting unsafe websites and never download unverified attachments or click on links in emails from unfamiliar people. If you are unsure about an email from someone, pick up the phone and call them.
Finally:
How Will I Know if I have Been Hacked?
Check the accuracy of your personal accounts, credit cards and documents. Are there unexplained transactions? Questionable or unauthorized changes? If so, dangerous malware installed by predators or hackers might be the cause.
Check out these spooky Cyber Monster Cards! Each of these spooky creatures personifies a key cyberattack hackers use. Source Our Partner KnowBe4.
What Should I Do If I Have Been Hacked?
<pn>
Take a screenshot or picture of your computer screen
Unplug your computer and disconnect from the internet
Call your IT department ASAP because minutes matter
Using another device be sure to change your password
Be sure to share this page and other helpful cybersecurity tips using the following hashtags:
#Secureourworld #becybersmart #InfranetWorksTeam