Introduction
Crime, especially organized crime, is a business. Return on investment, risk vs. reward, balance sheets, cost of inventory and personnel, software and hardware costs – these and many more factors (including attitude factors such as loyalty and customer service) create an ironic connection between criminal activities and business ventures.
The bigger the potential payout, the better the chance that the crime will be attempted. While no one is immune to cybercrime, the big payouts come from attacking big corporations.
Nothing in this writing is intended to shame or blame any companies that were attacked. Many attacks – including the ones noted here – are composed of multiple exploits. Maybe it’s a combination of an accidental download of fileless malware and a months-long intrusion (pointing to a lack of internal monitoring). Or it’s a disgruntled employee who is bribed to give a username and password to a thief, who uses them to install spyware on a laptop, discover admin credentials, and SSH into an externally facing server. Perhaps it’s infiltrating a third party, staying under the radar for months to map the networks of its customers, then distributing malware.
Chained attacks like these make it difficult, if not impossible, to find the exact point at which the network was compromised. This complication makes it that much harder for companies to defend against them. Layered defense is the guiding security principle, but the more layers there are, the higher the cost in personnel, talent, and financial resources.
Let’s cover several of the techniques used....