In January, the FBI reported that cybercrime spiked 300% since the pandemic’s onset last year. Approaching mid-2021, this troubling trend shows no signs of reversing. Hackers continue to assault hybrid workplaces –i.e., IT environments supporting mixed in-person and remote activity – as companies scramble to secure them. Just one successful data breach can cost large companies millions and put a small or mid-size ones out of business.
So, how can you protect your organization? Start by understanding the mentality and motives of would-be attackers. Here are three types that experts call “threat actors:”
- Organized Cybercriminals: Just like gangs in the physical world, these groups seek financial gain by seizing digital assets and controlling virtual operations. So, they target data-rich businesses, often opting for ransomware as their weapon.
- Petty Cybercrooks: Sometimes called “Script Kiddies,” these hackers operate on a smaller scale than cyber syndicates but typically buy or borrow the automated tools of their trade. Rather than the grandiose system shutdowns of ransomware, these thugs favor phishing for credentials that enable subtle, more frequent and less easily detectable digital thefts.
- Unconscious Incompetents: Not all threat actors have malicious intent. Some simply are unaware of cyber risks, such as the latest social engineering tricks. Others are just prone to digital gaffes that create vulnerabilities, such as storing credentials in a file labeled “passwords.”
Good news is one business tactic can address all three threat actors: User training.
We can assist and accelerate your cybersecurity education program.