Are you asking the right questions following a cyber attack?

barbed-wire-960248_960_720When discussing the numerous, ever increasing cyber attacks in the modern digital landscape, the media tends to ask the same questions: Who was this attacker and what did he want?

While these certainly seem like the important issues to face in a hacking scenario, an article from Trend Micro Senior Threat Researcher Kyle Wilhoit points out that asking these questions really doesn’t help. Sure, they may help bring the cyber criminal to justice. However, these types of questions don’t do much in terms of fixing the real problem at hand, which is that the hacked entity’s cyber security needs an upgrade.

They all want the same thing

A hacker’s motives for initiating a cyber attack generally boil down to two separate, yet simple reasons: because they can or because they want money. In order to understand the first reason here, it’s important to delve a little bit into the mind of the average hacker.

Although these nefarious individuals have chosen a life of cyber crime, they’re usually extremely intelligent and enjoy flexing their skills whenever they can. Anonymous’s hack of the European Space Agency is a great example of this. Tech Times reported on the cyber attack, which ended with Anonymous releasing data such as the account information of registered users of the website. This was obviously a targeted attack, and yet no one has been able to nail down a motive outside of the thrill of it.

That being said, hackers aren’t accessing networks just to get their kicks. One of the main motives behind a cyber attack is monetary gain, but how the cyber criminals go about getting this money depends on what they gain access to.

As PayPal’s principal consumer security scientist Markus Jakobsson said in a Wired article, “Attackers do things for a reason. If we are talking about attacking your Bank of America account or PayPal the reason is obvious: They want your money.”

A hack of a banking account is one of the easier ways of gaining access to money, although it’s far from simple. Banks generally have top-notch security, and going right after them is pretty complex. It’s much simpler to access a less secure account, gain personally identifiable information about the victim and then go to the bank posing as this person to steal their money.

The hacker’s identity doesn’t really matter

After asking what they were after, the next question on a cyber attack victim’s mind usually has to do with who the hacker was. Again, this is an understandable concern but it doesn’t really get the victim far in terms of future safety.

As Wilhoit states, finding out exactly who the person is really doesn’t matter in the grand scheme of things. A network administrator could easily track an IP address back to a server, only to find out that the cyber criminal used this machine as a proxy for their attack. Even if the cyber attack did originate here, another problem comes in the form of getting the server administrator to cooperate.

Rather than finding out the actual identity of the cyber criminal, Wilhoit says that victims of an attack should look who the attacker was in terms of their hacking skills. Did the hacker utilize script he could have easily found on the Internet, or did he use custom-made malware designed specifically for this attack?

Finding cyber criminals is a matter for the police or those with a high level of cyber security training. The user should be concerned with what they can do in the future to prevent another attack.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.