About the Author
Andrew Beale OBE
Her Majesty Queen Elizabeth II awarded Andrew with an OBE for his "services to intellectual property and business".
Previously a Consultant with the United Nations' World Intellectual Property Organization (Geneva), Andrew has served as Acting Head of the (now) Hillary Rodham Clinton School of Law, an Associate Professor in Intellectual Property Law and Director of IP Wales (an award-winning £4m initiative helping SMEs to risk manage their intellectual assets).
With the focus of SMEs on surviving the COVID-19 pandemic, law enforcement agencies across the world are cautioning that the cyber threats facing all businesses today remain significant, varied, and growing.
“So who exactly is targeting my business and what do they hope to achieve?”
Your business is up against a wide range of attackers whose backgrounds and motivations are as varied as the techniques they employ. The four main groups targeting your business are:
Criminal Gangs: The most common source of cyberattacks is highly organised online international criminal gangs, employing teams of coders (malware developers), network administrators (bot herders), intrusion specialists, data miners (to extract valuable data), money specialists (to monetise the data they steal from you via ‘secondary fraud’, i.e. using other criminals), money mules and mule herders (to launder the stolen money). Motivated by money, their goal is to extract cash from your data through fraud, ransom, or selling it on. Increasingly, many offshore hackers have been offering their services on a freelance basis, being hired by unscrupulous business owners to target direct competitors. For example, in 2016 Frazer-Mann of Elite Loans admitted five charges in Cardiff Crown Court of commissioning DoS attacks on rival pay-day loan companies by paying hackers from Costa Rica US$100 to crash a competitor website.
State-Sponsored Groups: Increasingly, Western security agencies are seeing state-sponsored cyberattacks targeting SMEs. Such attacks on SMEs are generally in pursuit of the wider strategic goals of the government sponsoring them, and are often designed to steal valuable information that can be exploited domestically. For example, an American IP Report published in 2013 estimated that America's annual losses to IP theft, primarily from China, exceeded US$300 billion, with many attacks targeted against SMEs. In 2014 the US Justice Department indicted 5 officers from China’s People’s Liberation Army Unit 61398 for stealing intellectual property to help China’s state-owned and state-supported enterprises, a charge denied by the Chinese government.
Hacktivists: Not all hackers will be driven by profit. Self-styled ‘hacktivists’ such as Anonymous use their hacking skills to pursue their political/ideological goals, and often cover a wide range of causes, from anti-capitalism through to animal rights. Although SMEs linked with controversial causes and sectors such as pharma, energy, and defence are particularly targeted, Experian predicts that companies across the board will increasingly become “collateral damage” in wider international disputes, with simply having a government contract making the business a target. Generally, the motive of such attacks is to cause maximum damage and embarrassment to the targets, either by disrupting operations or by releasing sensitive information.
Disgruntled employees: With many companies looking outwards, often the most immediate threat can lie within the company. Disgruntled employees with even the most basic understanding of IT systems can wreak havoc if given the opportunity, with many former employees still able to access company applications and databases by retaining passwords, accounts, and devices. Motivations for these attacks can be varied, ranging from a desire to avenge perceived grievances through to wanting to share valuable intelligence with a prospective employer.
“How do cybercriminals attack my business?”
Cybercriminals have a wealth of ways to try to attack your business, with the three traditional types of attack being:
Network confidentiality attacks: The main IP cyber threat, the aim here is to steal or release confidential data held by your business. Hackers will use a variety of tricks and techniques (discussed below) to gain unauthorised access to your data.
Network availability attacks: Typically known as denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks, the aim is to crash your website by flooding it with a massive number of requests (e.g. a ‘botnet attack’, a co-ordinated attack using hacked PCs, printers, and web-connected ‘smart’ devices such as CCTV cameras, kettles, toasters etc., which comprise the “internet of things”). SMEs engaged in eCommerce are particularly susceptible to these attacks and the revenue lost during such attacks can be significant.
Network integrity attacks: Often perpetrated by disgruntled employees, these attacks are designed to cause as much damage as possible to your hardware, infrastructure, or real-world systems, resulting in irretrievably lost data, significant downtime, and the expense of replacing equipment. These attacks can be financially ruinous for SMEs with limited resources.
Cybercriminals use a variety of techniques to conduct these attacks, with some of their common tricks including:
(Spear-)phishing/smishing – hackers will send an innocent-looking email or SMS message to a targeted individual, enticing them to click on a link or download a file which then infects the user’s system, spreading to infect other users. With so much information now publicly available about targeted individuals on social media, cybercriminals are becoming increasingly sophisticated with their ‘baiting’ email or message, sometimes hacking the account of the target’s spouse or child and sending it from there.
Watering-holes & exploit kits – another favourite technique is to establish a compromised website with predator code waiting to exploit the unsuspecting visitor. In this attack, the victim unwittingly falls into the trap of the hacker, who will then use the website to directly attack the visitor and attempt to compromise their security.
Ransomware – be it ‘locker ransomware’ (locking the screen) or ‘crypto ransomware’ (preventing access to your own files or data via encryption), the goal is essentially to infect your system and take your data hostage. The cybercriminal will then try to extort a ransom from you in exchange for freeing your data.
One of the biggest challenges, however, is that the dramatic increase in internet-connected devices has given cybercriminals the opportunity to become increasingly creative in how they target your business.
What this all illustrates is the wide range of potential cyber adversaries facing your business and the innovative attack methods being employed. It is imperative that SME Boards of Directors now look to proactively address these growing cyber threats against their business.