How Do Cyber Attacks Happen?

 What is a Cyber Attack? 

At the most basic level, a cyber attack is an attempt by someone to obtain information or cause damage to the person or organisation using a range of common cyber-attack techniques. The unauthorised user can hoodwink any IT infrastructure that isn't up to scratch with the latest cybersecurity best practices and defences. 

When tackling a problem, it's always a good idea to get to the root of the cause. A good place to start here is to identify the attacker's intentions: Why are they targeting your business or personal account specifically? 

When it comes to cyber-attacks, there tend to be three categories that predominantly make up the majority of cases: 

1. Criminal: Criminal cyber attackers are more often than not looking to target victims seeking some form of financial gain. They'll resort to their tried-and-tested methods to steal personal information (bank account details), hold organisations to ransom (holding data hostage and demanding payment for its release), and extort businesses (obtaining money or goods by threatening/enforcing cyber threats). 
2. Political: People with a certain political agenda or outlook may use cyber attacks to target specific governments or organisations. Politically charged cyber-attacks, commonly called hacktivism – a combination of cyber hacking techniques with political or social activism – aim to address political issues or raise awareness of societal problems via digital means. 
3. Personal: Some cyber attacks are usually backed by an ulterior motive and typically target specific individuals or groups. Former or current employees who've had bad experiences with a business may turn to cybercrime to seek retribution after being wronged. 

Who is Behind Cyber Attacks? 

Identifying the perpetrator behind every cyber attack is an untenable task for even the most astute cybersecurity expert. Cybercriminals come in all shapes and sizes, from Script Kiddies, inexperienced individuals who use pre-written scripts/tools to commit cybercrime without fully understanding the repercussions, to nation-states backed by political, economic, or military incentives. That being said, two main categories can be used to segregate the type of cybercriminals who may be looking to infiltrate a particular business. 

Insider Cyber Threats 

As you would expect, insider cyber threats originate within an organisation. Individuals with existing access to business-critical systems and information can cause reputational and financial damage by stealing sensitive information and data for personal gain. 

These insiders can range from current employees to contractors, suppliers, or even volunteers working for the organisation. The consequences of insider cyber threats tend to be more severe, as they can leverage their trusted position within the organisation to wreak havoc. 

Outsider Cyber Threats

Outsiders can also successfully infiltrate an organisation’s IT infrastructure; however, they may have to work harder to obtain the desired systems and resources. Hackers and fraudsters will need to use all the techniques and tools at their disposal to gain access to organisational data and information externally. 

It's important to note that outsider threats tend to be more frequent. While they don't have authorised access, to begin with, they can gain access by leveraging means such as phishing or by targeting vulnerabilities and weaknesses within security systems.

Real-world Use Cases 

Organisations of all shapes and sizes suffer from cyber-attacks. However, some leave themselves more exposed to attacks by failing to implement their cyber defence strategies. We've pulled together two recent real-world use cases that depict just how much reputational and financial damage can be dealt with by cyber attacks. 

Crypto.com (January 2022) 

Crypto.com is one of the most renowned cryptocurrency exchange platforms. Its founder, Kris Marszalek, launched the site in 2016, and the company's headquarters are in Hong Kong. Cryptocurrency traders can use the platform to buy, sell, trade, and manage various cryptocurrencies. 

The company was reaching remarkable commercial heights before it crashed back down to earth with a stinging blow in the form of a severe cybersecurity incident at the beginning of 2022. Cybercriminals bypassed the site's blockchain, a shared, decentralised ledger that facilitates recording transactions and tracking assets in a business network. They circumnavigated Crypto.com's two-factor authentication (2FA) to gain access to around 500 people's cryptocurrency wallets. 

The cyber attack dealt the company a damaging blow both reputationally and financially, as cybercriminals exploited 'unauthorised withdrawals of bitcoin and Ether worth $35 million'. 

Capita (March 2023) 

Capita, founded in 1984, has grown to become one of Europe's biggest and most successful outsourcing companies, reporting £56.5m profit before tax last year. The organisation has its fingers dipped in numerous pies, including Software, HR Solutions, Technology, and Public Sector Services. 

In the Spring of 2023, the organisation came under a bit of heat as they encountered two rounds of cyber-attacks, one in March, closely followed by a following attack in May two months later. Capita is a company "used by a large number of public and private organisations and they handle the information of millions of people" Therefore, when the company announced that cybercriminals had compromised it, it opened a massive can of worms as the interests of millions of people were on the line.

The cyber incidents potentially exposed a broad range of data and personal information, such as pension funds, and the organisation had to work hand-in-hand with cybercrime specialists to investigate the incidents, recover data, and enhance security. Capita came under more fire in the following months as they were alleged to have "Capita left a repository of files unsecured online", which was met with outrage from their customers. 

The entire ordeal was estimated to have cost per capita somewhere in the region of $25-$32 million. It also caused significant reputational damage to the outsourcing conglomerate as trust was eroded from their clients and stakeholders, and their cybersecurity vulnerabilities were exposed. 

Preventative Measures 

The million-dollar question when it comes to cyber security is, "How do I prevent my business from being cyber attacked?" Unfortunately, the answer is quite complex due to the ever-evolving nature of the cybercrime landscape. What we can do, however, is suggest some sound advice that should set you on the right path towards cybersecurity success. 

Review & Update Security Software Regularly

Due to technology's ever-changing nature, even the most robust security software and safety measures need to be reviewed and updated regularly. Without doing so, you'll expose your business to vulnerabilities, decreased performance, and potential compatibility issues later on. 

We recommend logging a six-month software review in your calendar so you never forget this all-important step in securing your business. 

Provide Comprehensive Employee Cybersecurity Training

In 2022, the "World Economic Forum found that 95% of cybersecurity incidents occur due to human error". Therefore, providing comprehensive cybersecurity training for your employees should never be overlooked. 

At Netitude, we provide our clients with rigorous rounds of training sessions, and our security team keeps their employees on their toes by regularly testing them with false phishing attempts. If they fail to recognise 'how to spot a phishing email' and fall for the bait, then they'll be in for extra training sessions to ensure they learn from it. 

Invest in Your Organisation's Network Security

You can probably guess that having an inadequate network security level will not get you very far in this day and age. Not having appropriate network cybersecurity in your organisation can put your business at risk of succumbing to unauthorised access and data breaches. The organisation will be blind to any incoming cybersecurity threats. 

Network Security is a core pillar within our bespoke NET9 Framework. Therefore, one of the first areas we analyse when onboarding a new client is the entire organisation's cybersecurity infrastructure. Once our technology experts assess which components meet the required standards and identify areas that need updates or replacements for compliance, we'll collaborate with the client to execute the necessary work according to a customised roadmap and timeline.