According to the study "Organizations and Cybersecurity" recently published by LEET Security, 87% of spanish managers are concerned about the cybersecurity of their companies. And they don´t lack reason since almost 60% of these companies claim to know they have suffered a cyberattack.

Until a few years ago, many of these managers were relaxed because they didn't consider their business to be of special interest to cybercriminals. But the exponential cybercrime growth in recent years and its widespread dissemination in the media, together with the growing dependence on business processes regarding technology (digital transformation) have made companies more concerned about the economic losses derived from the services unavailability , and almost 70% of the General Direction is involved in this matter. 

When we observe other studies, like the New Threats, New Mindset: Being Risk Ready in a World of Complex Attacks, of Kaspersky Labs, we find that the targeted attacks became one of the threats of greater growth in 2017, increasing with respect to the previous year 6% in SMEs and 11% in medium and large companies.

Results of these and many other sector studies lead us to the conclusion that today the question is not whether or not I will suffer a cyberattack, but when it will happen, because sooner or later it will happen. But not for that reason, we must give up on taking advantage of the technological advances that help the companies growth. And Internet disconnection can't be an option either.

One of the best ways to defend yourself is to create a strategy based on the enemy's understanding. That is why we want to explain what is the cybercriminals motivation and how they usually act.

Overall, targeted attacks serve economic reasons. Cybercriminals seek profitable income either through extortion, as in the case of ransomware attacks, confidential data theft they can sell on the black market, manipulation of electronic business transactions in their favor, scams through social engineering techniques, etc. In this aspect we must also consider the denial of service attacks that, although they don't make a direct profit, pursue the reputation damage of their target, and consequently gain a competitive advantage.

Cybercriminals carefully study their victims and try to develop different attacks to achieve their purpose. Don't forget many of these criminals work in organized groups, and hacking tools are more accessible every day for anyone with a minimum of computer skills. Therefore, and although it is an important challenge, the better we are prepared the better.

Basically, the cybercriminal  "modus operandi" can be disaggregated as following:

Once the target is selected, the criminal tries to obtain all kinds of public information about him from different sources, and usually makes a first approach through social engineering techniques, trying to attack the human factor. In the next phase, keep gathering information; but this time approaching the objective directly and searching different elements and devices exposed on the Internet.

From the information gathered above, the attacker identifies systems vulnerabilities and uses them to gain access. Once inside the victim's network, he tries to go unnoticed while performing the attack itself (information theft or manipulation , denial of service, etc). And finally, when he has finished his work, he cleans up the trace he may have left on the network and disappears. 

Nowadays any entity that has an online presence, generates information in its business processes, or whose systems are housed in the cloud, is a potential targeted attack victim. Luckily, organizations are becoming aware of the need to develop a plan that minimizes the risks and impact of any cybersecurity incident.

In this sense, from LEET Security we propose our rating methodology as the ideal tool for the construction and improvement of its cybersecurity capabilities, since it collects and evaluates all the necessary aspects to keep in mind in order not to leave open doors, both in the organization itself, as in the third parties outsourced services.

All you need is LEET

Suscribe to our Newsletter by clicking here

You can follow us on twitter.com/leet_security

28 de junio de 2018