• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Are you asking the right questions following a cyber attack?

Are you asking the right questions following a cyber attack?

  • Posted on:December 31, 2015
  • Posted in:Industry News
  • Posted by:
    Noah Gamer
0
Do you know what to do after you've been hacked?

When discussing the numerous, ever increasing cyber attacks in the modern digital landscape, the media tends to ask the same questions: Who was this attacker and what did he want?

While these certainly seem like the important issues to face in a hacking scenario, an article from Trend Micro Senior Threat Researcher Kyle Wilhoit points out that asking these questions really doesn't help. Sure, they may help bring the cyber criminal to justice. However, these types of questions don't do much in terms of fixing the real problem at hand, which is that the hacked entity's cyber security needs an upgrade.

They all want the same thing

A hacker's motives for initiating a cyber attack generally boil down to two separate, yet simple reasons: because they can or because they want money. In order to understand the first reason here, it's important to delve a little bit into the mind of the average hacker. 

Although these nefarious individuals have chosen a life of cyber crime, they're usually extremely intelligent and enjoy flexing their skills whenever they can. Anonymous's hack of the European Space Agency is a great example of this. Tech Times reported on the cyber attack, which ended with Anonymous releasing data such as the account information of registered users of the website. This was obviously a targeted attack, and yet no one has been able to nail down a motive outside of the thrill of it. 

That being said, hackers aren't accessing networks just to get their kicks. One of the main motives behind a cyber attack is monetary gain, but how the cyber criminals go about getting this money depends on what they gain access to.

As PayPal's principal consumer security scientist Markus Jakobsson said in a Wired article, "Attackers do things for a reason. If we are talking about attacking your Bank of America account or PayPal the reason is obvious: They want your money."

A hack of a banking account is one of the easier ways of gaining access to money, although it's far from simple. Banks generally have top-notch security, and going right after them is pretty complex. It's much simpler to access a less secure account, gain personally identifiable information about the victim and then go to the bank posing as this person to steal their money. 

The hacker's identity doesn't really matter

After asking what they were after, the next question on a cyber attack victim's mind usually has to do with who the hacker was. Again, this is an understandable concern but it doesn't really get the victim far in terms of future safety. 

As Wilhoit states, finding out exactly who the person is really doesn't matter in the grand scheme of things. A network administrator could easily track an IP address back to a server, only to find out that the cyber criminal used this machine as a proxy for their attack. Even if the cyber attack did originate here, another problem comes in the form of getting the server administrator to cooperate. 

Rather than finding out the actual identity of the cyber criminal, Wilhoit says that victims of an attack should look who the attacker was in terms of their hacking skills. Did the hacker utilize script he could have easily found on the Internet, or did he use custom-made malware designed specifically for this attack? While these types of questions don't bring the cyber criminal any closer to justice, they do allow the victim to prepare themselves for future attacks. 

Of course, this doesn't mean that cyber criminals should be allowed to do whatever they want without any consequences for their actions. Rather, this means that the average person should be worried about their own online security. Finding cyber criminals is a matter for the police or those with a high level of cyber security training. The user should be concerned with what they can do in the future to prevent another attack. 

Related posts:

  1. Email may not be a safe mode of communication
  2. Surprise surprise, cyber criminals aren’t honest
  3. Cyber extortion proves importance of email security
  4. Utilities under attack: New cyber security vector

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.