How Hackers Know If They’ve Hit a Gold Mine

Top Information Hackers Look For

There are two types of cyber attacks, targeted and untargeted.  Targeted could be as specific as going after a certain business or government agency, or as broad as a certain sector such as education or healthcare.  Targeted attacks often occur when an enemy or competitor specifically targets a business or entity for the purpose of creating reputational or production damage, or monetary loss by the victim.

Untargeted attacks are far more common than the alternative.  In an untargeted attack, hackers cast a wide net hoping to infect as many people as possible.  Since cyber attacks often result in a monetary gain by the hacker, casting a wider net means higher profits.  But what exactly is profitable?

It depends on the attack.  If a hacker is looking to steal information to sell on the dark web, they will think they hit a gold mine with the information below:

  • Name
  • Date of birth
  • Address
  • Social security number

With that information, they could also create fraudulent credit card accounts.  Again, a gold mine.

Other Means of Monetary Gain

Hackers are also infecting users with ransomware, which locks the user’s files until a payment demand is met.  The only way for a user to work around this is to restore their system using backup files.  Often times businesses will have backup files in place, but it may be more costly to restore using backups than to just pay the ransom.  Often times, home-users do not have their backup files stored on an external device or cloud-based provider, meaning they feel like they have no choice but to either pay or be out their information.

Ransomware hackers also know certain verticals are more willing to pay the ransom than to wait out restoring their systems on their own.  For instance, financial institutions are entirely dependent on IT.  This means, if a hacker were to take down a banking network they would be entirely paralyzed.  Customers would have no idea what their bank balance is, online banking wouldn’t work, balance transfers would not be available, and all credit/debit card transactions would be denied.  The bank would have no option but to shut down until the systems were remediated.

The healthcare industry has also been the victim of multiple ransomware attacks.  Unfortunately, at times they’ve opted to pay the hackers with the hope of getting access to their systems again.  Historically when a hospital has been hit with ransomware, various appointments were canceled, and patients were rerouted to other facilities to have their medical care needs met.  Not only does this impact the hospital’s bottom line, but also their reputation.

Don’t Fall Victim

Data is only as safe as the endpoint it is kept on.  The easiest way to avoid falling victim is to employ an antivirus protection that uses an automated application whitelist technology.  This will block all unknown and potentially malicious files from executing on your device.  A whitelist, also known as a default-deny approach, will only allow known trusted programs to execute.  The technology should also include a way to block fileless malware attacks, which use scripting engines to execute malware, instead of downloadable files.

Also, users need to keep their operating systems and third-party applications updated with the latest versions.  This mitigates the risk of hackers using known security vulnerabilities to exploit the system.

3,674 total views, 18 views today

(Visited 2,814 times, 1 visits today)

2 thoughts on “How Hackers Know If They’ve Hit a Gold Mine

  1. Great article! But, please do not end sentences with a preposition.

    Doing so is quite annoying to those of us who understand a bit of english grammar and would make no difference to those of other ilk who will only find your writing much easier to read.

    I hope this criticism will not be considered some kind of attack,hate mail or spam.

    Sincerely,
    Jerry Drukin

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.