© Andrew Beale (2017), all rights reserved

About the Author
Andrew Beale OBE

Her Majesty Queen Elizabeth II has awarded Andrew with an OBE for his "services to intellectual property and business".

Previously a Consultant to the United Nation's World Intellectual Property Organization (Geneva), Andrew is an Associate Professor in Intellectual Property Law and the Director of IP Wales, an award winning £4m initiative aimed at providing SMEs with the knowledge and financial means to commercialise their intellectual assets.

To email the author click here

Law enforcement agencies across the world are cautioning that the threats facing businesses today are significant, varied, and growing every week. The scale and boldness of recent attacks such as Petya (2017) and WannaCry (2017) have highlighted both the seriousness of this threat, and the damage that can be inflicted.

“So who exactly is targeting my business and what do they hope to achieve?”

 

Your business is up against a wide range of attackers whose backgrounds and motivations are as varied as the techniques they employ. The main groups targeting your business include:

  • Criminal Gangs: The most common source of cyberattacks are highly organised online international criminal gangs, employing teams of coders (malware developers), network administrators (bot herders), intrusion specialists, data miners (to extract valuable data), money specialists (to monetise the data they steal from you via ‘secondary fraud’ – i.e. using other criminals), money mules and mule herders (to launder the stolen money). Motivated by money, their goal is to extract cash from your data through fraud, ransom, or selling it on. Increasingly, many offshore hackers have been offering their services on a freelance basis, being hired by unscrupulous business owners to target their direct competitors e.g. in 2016 Frazer-Mann of Elite Loans admitted five charges in Cardiff Crown Court of commissioning DoS attacks on rival pay-day loan companies by paying hackers from Costa Rica U$100 to crash a competitor website

  • State-Sponsored Groups: Increasingly, Western security agencies are seeing state-sponsored cyberattacks targeting SMEs. Such attacks on SMEs are generally in pursuit of the wider strategic goals of the government sponsoring them, and are often designed to either destabilise a foreign entity or steal valuable information that can be exploited domestically. SMEs that work in highly competitive fields such as technology or in sectors of national importance such as energy and defence are particularly attractive targets for state-sponsored hackers. For example, an American IP Report published in 2013 estimated their annual losses to IP theft, primarily from China, exceeded U$300 billion with many attacks targeted against SMEs. In 2014 the US Justice Department indicted 5 officers from China’s People’s Liberation Army Unit 61398 for stealing intellectual property to help China’s state-owned and state supported enterprises, a charge denied by the Chinese government

 

  • Hacktivists: not all hackers will be driven by profit. Self-styled ‘hacktivists’ such as Anonymous use their hacking skills to pursue their political/ideological goals, and often cover a wide range of causes, from anti-capitalism through to animal rights campaigners. Although SMEs linked with controversial causes and sectors such as pharma, energy, and defence are particularly targeted, Experian predicts that companies across the board will increasingly become “collateral damage” in wider international disputes, with simply having a government contract making the business a target. Generally, the motives of such attacks are to cause maximum damage and embarrassment to the targets, either by disrupting operations or by releasing sensitive information

  • Disgruntled employees: with many companies looking outwards, often the most immediate threat can lie within the company. Disgruntled employees with even the most basic understanding of IT systems can wreak havoc if given the opportunity, with many former employees still able to access company applications and databases by retaining passwords, accounts, and devices. Motivations for these attacks can be varied, ranging from a desire for revenging perceived grievances through to wanting to share valuable intelligence with a prospective employer.

“How do cybercriminals attack my business?”

Cybercriminals have a wealth of ways to try and attack your business, with the three traditional types of attack being:

  • Network confidentiality attacks: The main IP cyber threat, the aim here is to steal or release confidential data held by your business. Hackers will use a variety of tricks and techniques (discussed below) to gain unauthorised access to your data

  • Network availability attacks: Typically known as denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks, the aim is to crash your website by flooding it with a massive number of requests (e.g. a ‘botnet attack’, a co-ordinated attack using hacked PCs, printers, and web-connected ‘smart’ devices such as CCTV cameras, kettles, toasters etc., which comprise the “internet of things”). SMEs engaged in ecommerce are particularly susceptible to these attacks, as the revenue lost during such attacks can be significant

  • Network integrity attacks: Often perpetrated by disgruntled employees these attacks are designed to cause as much damage as possible to your hardware, infrastructure, or real-world systems, resulting in irretrievably lost data, significant downtime, and the expense of replacing equipment. These attacks can be financially ruinous for SMEs with limited resources.

 

Cybercriminals use a variety of techniques to conduct these attacks, with some of their common tricks including:

  • (Spear-)phishing/smishing – hackers will send an innocent looking email or sms message to a targeted individual, enticing them to click on a link or download a file which then infects the user’s system, spreading to infect other users. With so much information now publicly available about targeted individuals on social media, cybercriminals are becoming increasingly sophisticated with their ‘baiting’ email or message, sometimes hacking the account of the target’s spouse or child and sending it from there

  • Watering-holes & exploit kits – another favourite technique is to establish a compromised website with predator code waiting to exploit the unsuspecting visitor. In this attack, the victim unwittingly falls into the hackers trap, who will then use the website to directly attack the visitor and attempt to compromise his or her security

  • Ransomware – be it ‘locker ransomware’ (locking the screen) or ‘crypto ransomware’ (preventing access to your own files or data via encryption), the goal is to essentially infect your system and take your data hostage. The cybercriminal will then try and extort a ransom from you in exchange for freeing your data. The WannaCry (2017) attack is a recent example of this, with South Korean web-hosting firm Nayana paying a $1m Bitcoin ransom to unlock computers frozen by hackers.

 

One of the biggest challenges, however, is that the dramatic increase in internet connected devices has given cybercriminals the opportunity to become increasingly creative in how they target your business. 

What this all illustrates is the wide range of potential cyber adversaries facing your business and the innovative attack methods being employed. It is imperative that SME Boards of Directors now look to proactively address these growing cyber threats against their business.