It is interesting to note that malware specifically designed to target corporate information systems does not exist. The tools of the hackers’ trade remain the same regardless of whether the target is a private individual or a company; the only real difference is the scale of damage, so companies have to pay particular attention to their own protective measures. Cybercriminals are far more interested in attacking companies than private individuals, as the potential rewards from such attacks are considerably higher. It is very rare indeed for a hacker or virus writer to work for nothing. Usually, when they feel the need to put their professional abilities to the test, they try to ensure that their efforts are duly remunerated.
Hackers that attack companies generally do so for the following reasons:
- To steal confidential information, including financial data (for example, databases belonging to financial organizations), with a view to profiting from its use or resale
- To disable a company’s IT infrastructure with a view to extorting money from that company for returning its IT infrastructure to operational condition. Additionally, a hacker may want to damage a company’s reputation or interrupt its business processes by means of DDoS attacks
- To use the IT resources of one company for the purpose of attacking other companies.
“Cybercriminals do not have to attack a whole organization to get their hands on financial or confidential information. It is much simpler to carry out an attack by targeting an individual victim in an administration or HR department where the level of computer literacy is usually fairly low.”
Methods of attack
How do cybercriminals gain access to corporate information? What vectors of attack do they choose?
The structure of a typical corporate network is usually much more complex than the one displayed in the picture
Hacking can occur on both private and publicly accessible sections of a network, usually the Internet. In such a case, the cybercriminal does not need to be physically near the hacked channel: using hacking tools and methods available on the Internet, it is possible to hack a network remotely.
A hacker does not usually need direct access to the target computer within an organization: these days attacks are carried out remotely via the Internet
Probably the most popular method for infecting computers is the use of programs called Trojans, which infiltrate a target machine through malicious links in spam and instant messages, and through the exploitation of vulnerabilities in different software applications.
Of all of the abovementioned methods of infection, vulnerabilities in software are one of the biggest problems within the corporate environment. Large corporate networks are made up of a huge number of component parts: workstations, servers, laptops and smartphones, each of which may run a different operating system.
Another loophole used by the criminals is the large number of staff and the resulting large number of computer network users and access points. The larger the number of end users and nodes, the greater the chance of an accidental oversight in security procedures or an intentional violation of security policy. Unfortunately, companies rarely have all-encompassing security policies in place, so the cybercriminals continue to actively abuse the situation and commit targeted attacks.
Education
One of the keys to successfully minimizing corporate attacks is to educate staff on a constant basis, and not just technical staff, but administrative staff too. Obviously, when a user has no real knowledge of the basic rules of computer security there can be no guarantee that hackers won’t be able to enter the corporate network. It is imperative to teach the staff to think twice and remain cautious.