For half a decade or more, cybersecurity experts from Norton and other top think tanks have been warning companies of all sizes to bulk up their protection and train their staffs up to avoid falling victim to cybercriminals and hackers who prey on the foolish and the underprepared, luring them into clicking on malicious links, opening unwise attachments, and otherwise committing blunders that expose themselves and their companies to data breaches, spyware, stolen credentials and more.
To their credit, it appears to be working to a degree, as hackers are moving away from mass email lists and blanket coverage to target more specific industries and companies in an attempt to get more return on their investment.
Before cybersecurity became such a hot topic for interoffice discussion and training, cybercriminals could count on plenty of people clicking on their emails that contained malware or a link to it. With all levels of companies investing more money in cybersecurity and investing more man-hours in their employees’ education of best practices for working digitally, that lowest-common-denominator mentality by hackers is not working as effectively as it once did.
Instead, they are keying in on certain industries and companies and using exploits like ransomware, which freezes up a company’s data and assets behind encryption that only the hacker has the key to.
Unless the company pays the hacker a certain amount of money – usually in a hard-to-trace cryptocurrency, they never can retrieve their data. Hackers target startups and small-to-medium enterprises (SMEs) with this type of attack, rationalizing that they are operating with a small staff and under a tight budget and are unlikely to have great cybersecurity or be constantly backing up their files to another location, which would render such a threat like ransomware to be no threat at all.
New Motivations and New Targets
While making money through the sale of stolen credentials and data or through ransomware remains the number-one focus for most hackers, others are attacking certain industries and companies for the equivalent of street cred among the overall community. The BBC reports that hackers as young as 14 years old are using their skills to break into player accounts on the infinitely popular online fighting game Fortnite, then selling those accounts to others online. Fortnite has repeatedly issued threats to hackers, but with players literally all over the world online 24 hours a day, it is difficult, if not impossible, the task to perform.
Going specifically after Fortnite players are one of the targeted attacks that appears to be driving the future of hacking for profit. Other hackers will go after giant targets like Apple and Facebook for notoriety. In 2018, a 16-year-old from Melbourne, Australia, hacked into Apple servers multiple times over the course of a year and downloaded more than 90GB of secure files, including secure
authorized keys that grant login access.
The rather embarrassed company found that its stolen data was being kept in a folder on the youth’s computer labeled “hacky hack.” Given the size of Apple and its perceived cybersecurity strength, it is imperative that SMEs take threats seriously and employ strong security measures to remain safe against the next generation of hackers.
How to Stay Safe
The best way to keep unwelcome visitors out of your business dealings is with a top-line antivirus software solution such as Bitdefender. Top-quality antivirus software will have a database of potential threats that is constantly updated, and some are starting to use Artificial Intelligence algorithms to predict threats based on their behavior and makeup to stay a step ahead of the malware makers around the world.