Motive, Means and Method – Through the Eyes of a Cybercriminal

Taking an Inside Look at Phishing to Fight Cybercrime

by Stu Sjouwerman
November 9, 2020
in Cybersecurity, Featured

KnowBe4’s Stu Sjouwerman offers a peek into the ways of a cybercriminal, providing organizations unique insights into how they can strengthen their cybersecurity strategy.

With everything digital becoming automated and connected, a cyber pandemic could spread faster than a biological virus and create a far more devastating impact. Leaders and businesses must ready themselves to fight this new battle. One of the first things any battleground will teach you is that you should know your enemy by learning to think like them.

The Motive: Why Hackers Hack

Obviously, the vast majority of attackers are after money. But not all of them.

Nation-state adversaries infiltrate governments to reap military information, or they could be in a competitive bid with another company in another country. Some nation-state attackers are after money. U.S. federal agencies recently warned of a North Korean hacking group known as the “BeagleBoyz,” who are actively siphoning money from international banks across 30 countries. Russia and China are also active in launching disinformation campaigns to target voters and manipulate elections.

Other attackers are simply ordinary people, like disgruntled former employees, people hired for corporate espionage or even trusted insiders. Some hackers are hacktivists who have political agendas or personal objectives, or who simply despise your organization and want to disrupt operations by causing financial harm and public embarrassment. For example, the Anonymous Group may consider its motives ethical, but its actions are nefarious.

The emergence of virtual currencies is another big motivation for cyberattackers. Mining cryptocurrency like Bitcoin requires a lot of computing power. Attackers may use bots to commandeer thousands of computers, combining spare CPU cycles to mine cryptocurrency. In one year these so-called “cryptojacking” attacks on cloud servers surged by 250 percent. Another industry that uses a lot of virtual currency is online gaming. Hackers are known to target gamers because gamer accounts hold real money. A staggering 10 billion cyberattacks have been reported in the past two years, and according to recent estimates, trading of stolen gaming accounts on the dark web has become a $1 billion business.

Several cybercriminals have also evolved into organized cybercrime syndicates. Such malicious corporations employ hundreds of people and continuously target big companies to fuel their growth. The most famous of these is Russia’s Internet Research Agency. In its efforts to elicit donations, the fact-checking site Snopes.com likes to point out how they struggle with 10 newsroom employees versus the 1,000 headcount at the IRA. Then there was the infamous and now defunct London-based Cambridge Analytica, used by political groups worldwide including democracies in Australia, India, the U.K. and the U.S. to tilt elections by disparaging opponents with negative campaigns. Some of these crime syndicates can be hired on the dark web and directed to attack large corporations with distributed denial of service attacks demanding a ransom in exchange for halting attacks or unencrypting data.

Budding attackers, on the other hand, are just trying to prove their street cred (aka script kiddies) or win adulation from the community by running small-scale attacks, creating viruses or hacking opponents to beat them in online games. Some are trying to sell fake Viagra or con people into buying or selling stock when they really shouldn’t. Some attackers steal software or license keys and put them up for sale on Pirate Bay or another similar site.

Adware is probably the most ubiquitous and common reason why people get hacked. Unethical operators will often break into computers and maliciously manipulate them so that they boost ad views of targeted ad campaigns. Per recent reports, 24 million adware attacks were found on Windows machines and 30 million on Macs.

The Means: The Tools Hackers Use

Deployment of off-the-shelf tools such as malware-as-a-service is gaining traction. Dozens of hacking tools are available online, with some more commonly used than others. Hundreds of databases are available for sale complete with email addresses, login names and passwords. These passwords may not be current, but criminals can use the login IDs to launch targeted phishing attacks. Hackers also leverage search engines like Shodan to discover vulnerabilities in connected devices. Use of automated hacking and deepfakes to target individuals is also on the rise.

If a hacker is eyeing a sensitive target or a large corporation, they will probably try to learn more about the victim and their potential weaknesses before they attack. There are many tools like Fingerprinting Organization Collective Archive (FOCA) out there that cybercriminals will use to dig up all available information about you. Open-source intelligence (OSINT) tools like Recon-NG and theHarvester are also extremely popular with cybercriminals. Nmap (Network Mapper) is another popular hacking tool used by attackers to scan for and discover open ports so that they can be hacked.

The Method: How Hackers Hack

It’s usually one of two ways. If malware randomly hit your organization because somebody clicked on it, you were a victim of opportunity. This is the most common form of attack. The malware will break in and do what it’s supposed to do, like stealing your passwords or encrypting your computer and then asking you for a ransom in Bitcoin. Other, more modern forms will break in and then dial home to command and control (C2) servers. The hacker will use some administrative console to stealthily observe your online activity and plan their next course of attack.

If you were specifically targeted by a human adversary, chances are that it will be extremely difficult to detect and prevent, especially if they are highly skilled and have unlimited resources at hand. Most attackers will use a combination of various tactics called the attack kill chain.

For example, before an attacker targets you with a spear-phishing campaign, they’ll do reconnaissance of your company. This means they will try to learn as much as they can about your company to discover your vulnerabilities, your login names, email addresses, operating system versions, application versions, open ports, etc., so they can weaponize their attack depending on the information they find. Once they find your vulnerabilities, there are literally dozens of websites with hundreds to thousands of exploits that anybody can use to break into something. For example, MVpower DVR, the software that runs a lot of web cameras these days, is one of the most commonly exploited vulnerabilities, impacting 31 percent of organizations globally.

How Can You Defend Yourself?

Focus on these three control pillars: policy, technical and training. Create robust security policies to protect your crown jewels. Next, install standard technical controls such as firewalls, intrusion prevention, endpoint security and vulnerability scanning. You’ll also want tools that provide early warning detection and incident response and recovery so that controls are updated and the incident doesn’t happen again. The MITRE ATT&CK framework may help you identify different ways an attacker can infiltrate your network.

As the defender, you need to act like a hacker and discover what your attack surface is by doing reconnaissance. Use the same fingerprinting tools that cybercriminals use to uncover hidden vulnerabilities, unpatched systems and open ports. Carry out simulated scenarios of what you think an attacker might do and what type of attacks they are prone to execute, and then see what would happen if they were able to carry out those breaches successfully.

Users themselves need to be aware of the most likely threat vectors and, with frequent testing, develop the highly needed muscle memory to recognize and repel the most common attacks. This only comes with repeated and focused training. Studies show that simulated phishing exercises can help to reduce the phish-prone percentage (PPP) by over 60 percent.
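As an added illustration of how the phish-prone percentage is computed and tracked across simulated campaigns (example code written for this page, not from the article or KnowBe4's own tooling), assuming each campaign export is a list of (user, action) rows with action one of "clicked", "reported" or "ignored", and using constructed sample data:

```python
"""Phish-prone percentage (PPP) across simulated phishing campaigns.

Added example, not from the article. It assumes each campaign export is a
list of (user, action) rows; the rows below are constructed sample data.
"""
from collections import defaultdict

# Constructed sample: three quarterly campaigns sent to the same six users.
CAMPAIGNS = {
    "2020-Q1": [("ann", "clicked"), ("bob", "clicked"), ("cy", "ignored"),
                ("dee", "clicked"), ("eli", "reported"), ("fay", "ignored")],
    "2020-Q2": [("ann", "clicked"), ("bob", "reported"), ("cy", "ignored"),
                ("dee", "reported"), ("eli", "reported"), ("fay", "clicked")],
    "2020-Q3": [("ann", "clicked"), ("bob", "reported"), ("cy", "reported"),
                ("dee", "reported"), ("eli", "reported"), ("fay", "ignored")],
}


def rate(rows, action):
    """Percentage of recipients whose recorded action matches `action`."""
    if not rows:  # a campaign with no recipients has no meaningful rate
        return 0.0
    return 100.0 * sum(1 for _, a in rows if a == action) / len(rows)


def phish_prone_percentage(rows):
    """PPP: share of recipients who clicked the simulated lure."""
    return rate(rows, "clicked")


def ppp_reduction(first, last):
    """Relative drop in PPP between two campaigns, in percent of the first."""
    return 0.0 if first == 0 else 100.0 * (first - last) / first


def repeat_clickers(campaigns, min_clicks=2):
    """Users who clicked in at least `min_clicks` campaigns: retraining candidates."""
    counts = defaultdict(int)
    for rows in campaigns.values():
        for user, action in rows:
            if action == "clicked":
                counts[user] += 1
    return sorted(u for u, n in counts.items() if n >= min_clicks)


def campaign_report(campaigns):
    """PPP and report rate per campaign, first-to-last PPP reduction, repeat clickers."""
    ordered = sorted(campaigns)
    ppp = {c: phish_prone_percentage(campaigns[c]) for c in ordered}
    reported = {c: rate(campaigns[c], "reported") for c in ordered}
    return {"ppp": ppp, "reported": reported,
            "reduction": ppp_reduction(ppp[ordered[0]], ppp[ordered[-1]]),
            "repeat_clickers": repeat_clickers(campaigns)}
```

With the constructed data the PPP falls from 50 percent to about 16.7 percent, a reduction of roughly 67 percent, while the report rate rises, which is the trend the training is meant to produce.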

Finally, find out what’s breaking your system today and focus on plugging those holes. Don’t treat things like adware lightly. Ask yourself, how did it get in? Today it could be adware, tomorrow it could be something a lot worse.


Stu Sjouwerman is founder and CEO of KnowBe4 [NASDAQ: KNBE], developer of security awareness training and simulated phishing platforms, with 41,000 customers and more than 25 million users. He was co-founder of Sunbelt Software, the anti-malware software company acquired in 2010. He is the author of four books, including “Cyberheist: The Biggest Financial Threat Facing American Businesses.” He can be reached at ssjouwerman@knowbe4.com.
