Intelligent CIO Middle East Issue 04 | Page 56

INTELLIGENT BRANDS // Enterprise Security

fundamental differences in the values held by
the attacking group and the organisation being
hacked

At a glance…

Monetary gain: To extort victims for
monetary gain in an effort to cripple the target
organisation and fund the hacktivist’s causes.
Part of the reason these attacks are becoming
more widespread is the fact that they are
far easier to carry out than they were just a
couple of years ago. With hacking tools readily
available to those who know where to look, the
resources required to stage a high-profile attack
are dangerously easy to find and implement.
Social engineering attacks will rise in
the wake of 2015 breaches
Hundreds of thousands of customer details
were leaked as a result of the 2015 data
breaches. This data is most valuable to hackers
before the leak is discovered and made public,
when it becomes much harder to sell off or act
without attracting attention. However, even
after the breach is discovered, this information
is still out there, still accessible, and is often
used in a second wave of attacks to target the
victims themselves many months later.
Hackers will often bombard breached email
addresses with phishing attacks in an attempt
to gain access to more of their personal details.
By impersonating banks, retail companies and
government agencies, the attacker will try to
trick users into sending them money or personal
information. These imitations are becoming
more convincing, with hackers explaining to
users that they are vulnerable to an attack
and must change their details immediately by
handing them over in some way.
Cyber-attacks are not going away anytime
soon and one can make the argument that
on the contrary, these attacks are only going
to grow in number and sophistication in
2016 and beyond. Against this backdrop ]\š[\\