Understanding today’s hacker and avoiding the cost of cybercrimes


By Kamel Heus, VP EMEA, ThycoticCentrify 

Cyber attacks are familiar to many: in both fiction and reality, stories of data breaches and hacks are everywhere. However, the fascination with shows such as Mr. Robot and sensationalised news stories has created an out-of-touch stereotype of hackers. In these narratives, the hacker is portrayed as an anonymous, hooded figure with almost superhuman skills, capable of bringing a business to its knees with a few carefully crafted lines of code.

However, most of the time, the reality couldn’t be further from this. Far too often, the hacker causing chaos is known to the victim. It could be the teenage boy next door, the new hire at the firm, or even the waiter at the local restaurant.

A perfect example of this is Twitter’s security breach in the middle of 2020. The attack saw several notable people’s accounts hacked, including Joe Biden and Bill Gates, in a scheme reported to have reaped more than $100,000. The ‘mastermind’ behind this scam? A 17-year-old boy.

As awareness of the need for cyber security increases, so do the attacks and the costs they bring. In 2015, cybercrimes were costing the world approximately $3 trillion, but by the end of this year that figure is expected to have doubled to $6 trillion. Financial services make up a large portion of this figure, with a report from Accenture finding that cyber attacks are most damaging within the banking industry, costing a single company $18.3 million per year. This is 40% higher than other industries.

The notable increase in attacks is partly due to the changing nature of the breaches themselves. Traditional techniques, such as decrypting code or infiltrating firewalls, are no longer the chosen method of attack for many hackers. Instead, cyber criminals are simply “logging in”. Now, hacking into websites and intranets, which would previously have been considered secure, can be done by someone with little more knowledge than can be learnt in secondary school IT lessons. Instead of sophisticated techniques and years of hacking experience, all that is now needed are weak, compromised, or stolen credentials.

The ease with which hackers can carry out these attacks has made them commonplace. In fact, Forrester has estimated that upwards of 80% of all security breaches now involve compromised credentials. The most profitable of these attacks is business email compromise (BEC), which involves the hacker using a company email to defraud the business and steal from its corporate bank account. This scam alone brings in an annual cost of $1.3 billion across the globe. So, with these breaches having such huge financial repercussions, what can be done to prevent them?

Understanding the Attacks

These attacks vary in scale and motivation, but by identifying the following common tactics, organisations can take the first step in stopping the hacker.

  1. Finding a Way In

The first step for any hacker is finding the credentials that will allow them to access the system. A frequently used method is social engineering, a common example of which is phishing.

However, hackers also take advantage of schemes such as password spraying, which targets those who have common passwords or use the same password across multiple sites. Finding leaked information being sold on the dark web is also a very real and easy method for many hackers.

After this, hacking a business or organisation is far too easy. Even the toughest security perimeters are useless against an attacker who is already inside the system.
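A defender's view of password spraying, as an added example that is not part of the original article: because a spray makes only a few guesses against each of many accounts, per-account lockout counters rarely trip, so the check below looks at how many accounts one source fails against and whether that source later logs in. The event tuple layout, the thresholds and the function name are assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication events: (time, source IP, username, success).
# Addresses come from documentation ranges; usernames are invented.
T0 = datetime(2021, 3, 1, 9, 0)
SPRAYED = ["alice", "bob", "carol", "dave", "erin", "frank"]
SAMPLE_EVENTS = (
    # One source makes a single failed guess against six accounts, a minute apart.
    [(T0 + timedelta(minutes=i), "203.0.113.7", u, False) for i, u in enumerate(SPRAYED)]
    # The same source then logs in to a seventh account.
    + [(T0 + timedelta(minutes=8), "203.0.113.7", "grace", True)]
    # Noisy guessing at one account: a job for lockout policy, not spray logic.
    + [(T0 + timedelta(seconds=10 * i), "198.51.100.9", "alice", False) for i in range(8)]
    # An ordinary user mistyping once, then logging in.
    + [(T0, "192.0.2.10", "heidi", False),
       (T0 + timedelta(minutes=1), "192.0.2.10", "heidi", True)]
)

def detect_spray(events, window=timedelta(minutes=30), min_users=5, max_per_user=2):
    """Map each spraying source IP to the accounts it targeted and any it got into."""
    failures, successes = defaultdict(list), defaultdict(set)
    for ts, src, user, ok in events:
        if ok:
            successes[src].add(user)
        else:
            failures[src].append((ts, user))
    findings = {}
    for src, fails in failures.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            # Slide the window so it never spans more than `window` of time.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            per_user = Counter(user for _, user in fails[start:end + 1])
            # Spray signature: many accounts, few attempts against each one.
            if len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                findings[src] = {
                    "targets": sorted({user for _, user in fails}),
                    "logged_in": sorted(successes[src]),  # accounts to reset first
                }
                break
    return findings

if __name__ == "__main__":
    for src, info in detect_spray(SAMPLE_EVENTS).items():
        print(src, info)
```

Any account listed under `logged_in` for a flagged source is the one to treat as compromised: reset its credentials and review its sessions first.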

  2. Maximising Access

Once inside the network the priority for any hacker is to understand the system itself and use that to their advantage by expanding their access and finding more privileged information.

A key part of this phase for the attacker is finding security measures, IT schedules, or network traffic flows to gain a full understanding of the network’s infrastructure and how best to navigate it. The ultimate goal is to access and exploit network resources, privileged accounts, domain controllers, and Active Directory. These often hold the privileged credentials.

  3. A Clean Getaway

Finally, after accessing the desired information, hackers will continue to try and elevate their privilege within the network. This allows them to locate and gain access to profitable data, extract it, and cover their tracks. Some will also create a backdoor, for example by creating an SSH key for exfiltrating additional data in the future.

What Can Be Done?

With all of this in mind, what can be done to prevent attacks on an organisation’s privileged information?

The days of hooded figures poring over code and exploiting hidden weaknesses are gone. Today, the greatest vulnerabilities to cybersecurity are seemingly small factors, such as weak passwords and unsecured or unclosed privileged access. While it is still crucial for businesses to invest in features including solid security perimeters, as the threat evolves it is also important for businesses to evolve their cyber security practices.

Businesses should now be focusing on protecting identity, and ensuring that administrative privileged credentials (especially those that are root or shared) are securely vaulted away. However, just vaulting isn’t enough to encompass all possible threats in an age where hackers are constantly adapting their methods and exploiting new attack surfaces, such as cloud and DevOps.

Companies should adopt a least privilege approach based on identities and their respective entitlements, enforced on a person-to-person basis, and also encompassing machine identities. Additionally, it is important to use a system which assesses data requests, verifying who is requesting the information, the nature of the information itself, and the risks of the access environment. Only then can access be safely granted, and even then it should only be given to the target asset, and only for the minimal amount of time needed.
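The access decision described above, sketched as an added example that is not from the original article or from any product: the request is checked against who is asking, how sensitive the asset is and how risky the access environment is, and a grant covers one asset for a short time. All identities, assets, scores and limits are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Hypothetical entitlements: identity (person or machine) -> assets it may request.
ENTITLEMENTS = {
    "dba-jane": {"db-prod-01"},
    "svc-backup": {"db-prod-01", "fileserver-02"},
}
SENSITIVITY = {"db-prod-01": 3, "fileserver-02": 1}  # constructed scale, 1 = low

@dataclass(frozen=True)
class Grant:
    identity: str
    asset: str
    expires: datetime

    def allows(self, identity, asset, now):
        # Valid only for the named identity, on the one target asset, until expiry.
        return (identity, asset) == (self.identity, self.asset) and now < self.expires

def environment_risk(strong_auth, managed_device, known_network):
    """Additive risk score for the access environment (assumed weights)."""
    return (0 if strong_auth else 3) + (0 if managed_device else 2) + (0 if known_network else 1)

def decide(identity, asset, minutes_requested, now, *,
           strong_auth, managed_device, known_network):
    """Return a time-boxed Grant for one asset, or None when access is denied."""
    if asset not in ENTITLEMENTS.get(identity, set()):
        return None  # who is asking: no entitlement means no access
    risk = environment_risk(strong_auth, managed_device, known_network)
    if risk > 4 - SENSITIVITY[asset]:
        return None  # the more sensitive the asset, the less risk is tolerated
    # Minimal time: cap the request, with a tighter cap for the most sensitive assets.
    ttl = min(minutes_requested, 15 if SENSITIVITY[asset] >= 3 else 60)
    return Grant(identity, asset, now + timedelta(minutes=ttl))

if __name__ == "__main__":
    now = datetime(2021, 3, 1, 9, 0)
    print(decide("dba-jane", "db-prod-01", 120, now,
                 strong_auth=True, managed_device=True, known_network=False))
```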

To put it simply, there are three points which are essential to maintaining a secure system when it’s assumed bad actors are already in the network:

  1. Adopt a Zero Trust approach. This approach refuses to trust anyone by default, even those already inside the system. It works on the assumption that there has already been a breach into the network and therefore maintains strict control over access to all data. Never trust, always verify, enforce least privilege.

  2. Adopt Multi-Factor Authentication Everywhere. Users with elevated privileges are the prime target for hackers and as such, the secure management of their accounts is critical. Multi-factor authentication is an easy tool to implement and adds an extra layer of defense to privileged information by authenticating the user with more than just a username and password, such as with a text code or fingerprint scan.

  3. Utilise machine learning. Machine learning algorithms allow for constant, unbiased monitoring of privileged users’ behaviours and can quickly identify any atypical or risky behaviour. Alerts can then be sent out in real-time or sessions can be auto-terminated if a risk threshold is reached, quickly and effectively stopping any breaches.

In 2021, it is now understood that cyber threats do not just come from elite members of the hacker community and cyber criminals now have a breadth of attack surfaces to pick from. The evolving threatscape demands that businesses protect the cyber identities of those with the most empowered access. For businesses to do this effectively, it is key to adopt a Zero Trust approach and put into place a solid identity-centric privileged access management strategy.
