What Motivated Hackers to Act in 2015?
By Paul Gillespie
Faculty Member, School of STEM at American Public University
One of the most notorious breaches in cybercrime recently was the attack on the Ashley Madison adult website. It is interesting from an information security viewpoint to reflect on the nature of this attack, and how the cybersecurity landscape is changing.
In the early days of hacking, the hacker’s main goal was to prove that they were smarter than you, a superiority statement. The hacker wanted to prove that they could penetrate your system. The motives for the hacker of today are much, much different. I like to lump them into three major categories:
Revenge Attacks
This category of attack isn’t exactly new, but Sony and Ashley Madison represented a new paradigm for this category. Some early hackers sought to discredit an organization. The latest hackers instead went after organization users; Ashley Madison customers and Sony employees. As far as anyone has determined, the Ashley Madison perpetrators did not seek any monetary gains; although a few scammers did try some extortion in the aftermath. The attackers simply wanted to hurt the organization by posting personal information on public portals.
Monetary Attacks
This is far and away considered to be the biggest area of cyberattacks. The brunt of today’s attacks are committed for monetary gain. The majority of these hackers are professionals from some sort of organized crime operation. There are a variety of ways to attack an organization for profit. A common attack is credit card fraud: present and not-present. The implementation of the chip-in-a- card solution in the U.S. will hopefully eliminate the present (where the card user is physically present) type of attack. However, according to a study by Javelin Strategy and Research, the amount of not-present attacks is expected to double over the next three years, negating the gains made by the implementation of the chip-in-a-card. Basically, one type of fraud will replace the other.
Government Intrusions
The reported North Korean attacks on Sony profoundly changed the landscape on this type of attack. A foreign government entity attacked a private organization, setting a new standard. Stuxnet could have been considered the pioneer of the new standard, but the American/Israeli cyberattack on an Iranian Nuclear plant is widely considered to be a government on government attack. Security practitioners have speculated that governments have been trying to get into each others systems for many years. The fact that a government attacked a private organization was a new twist and opens up some new possibilities. Could a government use cyber warfare to destroy another government through an economic attack? That is, could an attack on many organizations simultaneously be used to disrupt an economy? Or, could even an attack on a financial organization such as the New York Stock Exchange be used as a cyberwarfare tool in an attempt to cripple an economy?
Recent cyberattacks are showing new trends. What will the future bring? Will there be an escalation of attacks in which personal information is exposed, embarrassing either customers or employees? Will customers become afraid to supply information to organizations? A transformation will certainly occur in how we use credit cards and electronic purchasing. The amount of fraud is becoming a heavy burden to bear and eventually either consumers or lenders will reach the breaking point.
About the Author
Mr. Paul Gillespie has worked in the Information Technology and Security field for over 15 years. Aside from teaching at Information Security at APUS, he is currently the Branch Chief for Project and Policy Management for US MEPCOM, the organization that processes new personnel into the military. Mr. Gillespie is a retired Navy Chief Warrant Officer, serving for 23 years. His specialty was Engineering, Quality Assurance, Information Technology and Project Management. He has continued his professional career in the Federal Government sector, specializing in Project Management and Information Security.
