Nearly 86% of data breaches are financially motivated. That’s probably not surprising, but it certainly provides a strong incentive for organizations to avoid such attacks. The repercussions speak for themselves.
– The average business downtime from ransomware attacks is 22 days.
– Organizations hit with CEO fraud attacks lose between $25,000 and $75,000.
With corporate challenges such as cyberattacks, it’s helpful to understand the motives behind the people in charge—hackers. This guide will walk you through the top common targets for hackers, the types of entities and platforms hackers target, and why.
Use this information to decipher possible gaps in your organization’s cybersecurity strategies and fill those in with the right threat intelligence services.
How Do Hackers Choose Targets?
Hackers generally tap into three areas to select their targets:
1. The Dark Web
Hackers look in the dark web—a network of sites and forums that allow users to be anonymous, often for illicit purposes. Studies suggest that 57% of the dark web supports illegal activity.
Hackers regularly browse the dark web to gain access to confidential accounts and data, or they use the platform to sell sensitive information.
Here are some average costs of records for sale on the dark web:
- Credit cards: $165.43 (up by 105.15% from the year prior)
- Passports: $1579.58 (up by 130.83% from the year prior)
- ID cards: $592.90 (up by 177.71% from the year prior)
Learn more about what dark web monitoring entails.
2. Cash-Rich Organizations
Some hackers target private-sector companies that are typically more cash-rich than public-sector organizations. Hackers launch spear-phishing or direct network intrusion to carry out a multitude of cyberattacks such as fraud or blackmail operations.
For example, Colonial Pipeline, a gasoline provider that services the majority of the U.S. East Coast, paid $4.4 million to a group of hackers known as DarkSide. The company’s network was completely taken down for several days—the first time in its 57-year history.
Hackers found passwords to Colonial Pipeline’s network on the dark web and used this information to trigger ransomware.
3. Smaller/Newer Businesses
Oftentimes, larger organizations are front and center in mass media news regarding cyberattacks. But let’s not forget the smaller guys. Contrary to what many may think, small businesses are just as enticing to criminals as larger, more profitable ones.
According to the 2022 Data Breach Investigations Report, small businesses:
- Most frequently face ransomware attacks followed by stolen credentials and phishing
- Face threat actors from both external (69%) and internal (34%) sources
1. Human Nature. As human beings, we like to share everything we do on the Internet.
2. Data Leakages. Accidental publications of your data, due to misconfigurations and errors, by companies you have or currently engage with
3. Data Brokers. Their main business is to sell your data on the Internet, and most of them operate fully within the law!
4. Data Breaches. Although the companies you engage with make a concerted effort to safeguard your data, this information is valuable to hackers, and so data breaches happen frequently, exposing your personal information on the Dark Web.
Where Are Most Hackers From?
An understanding of the most common regions from which hackers originate will help your organization develop a proactive approach to monitoring potential threats.
Here are the top 10 countries where most hackers are from:
4 Common Industries Hackers Target
Hackers typically target four main industries.
Over 90% of hospitals have been the victims of cyberattacks (most notably, ransomware) within the past three years. Outpatient/specialty clinics have been a particular target.
Cyberattacks in the healthcare world can manifest in many ways, such as denial of service, malicious code, and ransomware.
These attacks not only negatively impact healthcare providers, but also their patients:
- 2020: 34 million patients were affected.
- 2021: 45 million patients were affected.
Half of NGOs have experienced ransomware attacks. NGOs are particularly vulnerable and ideal targets because of their financial data. Data such as donation or fundraising portals serve as prime sources for sensitive monetary information.
Let’s take a look at two recent NGO cyberattacks for reference:
- In January 2022, a Doctors Without Borders server in Spain was hacked. Acess brokers placed an ad on a dark web forum, offering entry to one of the organization’s servers. Fortunately, they avoided serious data breach, but the potential exposure of the nonprofit’s data is alarming, just the same.
- In February 2022, hackers attacked the International Committee of the Red Cross (ICRC) using code designed to target servers. If proactive steps were not taken, this could have led to data loss on nearly 500,000 people.
4. Finance and Insurance
The finance industry provides plenty of opportunities for maximum revenue and impact—two criteria essential to a criminal’s goals.
- 70% of digital attacks on financial and insurance firms target banks.
- 16% attack insurance organizations.
- 14% attack other financial businesses.
Server access attacks, ransomware, misconfigurations, and fraud are common attacks in this industry.
Check out Constella’s own research on the impact of data exposure in the Financial Services Sector.
3 Most Common Targets for Hackers
Hackers are constantly on the hunt for network vulnerabilities. Here are the top three common targets for hackers.
1. Open Source Code
Open source code is code anyone can inspect, modify, and enhance.
Businesses use open source code to present their products to the market—95% of IT leaders believe enterprise open source code is important to their company’s infrastructure. Not to mention, nearly 99% of codebases carry at least one open source element.
However, the prevalence of open source software introduces security risks. Due to the unlocked nature of the code, attackers can conduct malicious attacks. Moreover, once these attacks are carried out, the vulnerabilities can be challenging to track.
The growth of IoT devices is both a blessing and a curse. IoT’s development allows businesses to automate workflows more and boost performance—83% of organizations improve their efficiency with IoT technology.
But this all comes at a cost—as more devices are connected to the cloud, the risk for digital attacks grows. During the first half of 2021, IoT cyberattacks more than doubled year-on-year. This totaled 1.5 billion violations.
As hardware and systems move over to the cloud, businesses must converge physical security with cybersecurity. Gartner predicts half of asset-intensive organizations will converge their cyber and physical teams under one department by 2025.
As the convenience of payments-as-a-service (PaaS) continues to grow, companies rely on blockchain technology to give customers/clients full control over their assets.
While an open decentralized payment system allows businesses to conduct transactions without a third party, this propagated system leaves it vulnerable. In 2021, $14 billion in illicit cryptocurrency addresses were received. This number reflects a 79% increase from 2019.
Have you ever started shopping with an online merchant you hadn’t used before, and after adding a few items to your cart decided to hold off on making the purchase and left the page—but moments later you receive an email reminding you there are “items waiting for you” in your shopping cart? As competition grows, websites are implementing very clever techniques to maintain their edge, like reminding you of your “abandoned” shopping cart. Experts have found that many sites capture everything you type on their site, in real-time, regardless of you pressing “submit” on the form.
How to Protect Your Company from Hackers
No organization deserves to be the victim of a cyberattack. Your people and brand are on the line; this calls for state-of-the-art digital security tools that can drive comprehensive risk management programs.
With Constella Dome, your team can focus on growing your business while we do all the heavy security lifting. Dome:
- Offers rich-context data such as risk level, specific workforce members/departments that are at risk, and sources of attacks
- Automates the collection of billions of data points
- Automates access to thousands of proprietary and public data sources to reduce the volume of data requiring human analysis
- Frees up your scarce resources to focus on responding to actual threats
- Provides easy scalability, so no matter how your company grows, the Dome software will grow with it
Lean on Constella for Full Digital Risk Protection
Bolster your cybersecurity program this year by partnering with industry leader Constella. With Constella Dome, you can proactively protect your executive and employee data from cyber threats.