One of the questions we hear a lot goes something like, why are hackers targeting my computer or network? What do they want? The main reason is usually financial, they want money. However, there are a lot of reasons why an attacker may be trying to access your computers. In this post, we will explore the reasons why attackers will target small practices and businesses. You will learn many of the reasons behind their motivations so you can better protect yourself and your practice.
The top reasons hackers are targeting your computer
Let’s get one thing cleared up here before we begin. Usually, an attacker is not looking for you or your practice specifically. Most attackers will cast a very wide net hoping to capture as many people as possible. Think of it like a burglar going to each house in a subdivision and trying the front door. The ones that are locked or have an alarm system, he skips. But the ones that are unlocked, he goes in. Hackers work the same way. They will scan large parts of the Internet looking for specific vulnerabilities. When they find one, they will use it to gain access to a system. They may also send out millions of phishing emails and when a victim responds, they will attack those victims.
It’s often as simple as that, a numbers game.
This is the most common target to go after. This will include your bank account information, credit cards, tax filing information, your investment accounts, and loans. Attackers can use each of these to make money.
Bank accounts: an attacker could transfer money to himself from your online banking
Credit cards: credit card accounts sell for about $4 each on the Darkweb. So simply having your account information could make money for an attacker. But generally, they will use a single user’s account to make fraudulent purchases.
Tax filings: a relatively new form of attack is to file for the victim’s tax refund before they do. This is a quick win for the attacker and can be a large amount of money.
Investment accounts: Similar to your bank accounts, an attacker could transfer money or assets to their own accounts.
Loans: depending on the type of loan account, an attacker could transfer money from your online account to their own accounts.
This is a new form of attack with the proliferation of social media. Attackers could use your accounts to pretend to be you and make damaging posts under your name. They could also use your accounts as part of a larger agenda to post fake news across the Internet. Lastly, they could use your email accounts to send out email pretending to be from you. This increases the chances that the emails would be opened by others.
Once an attacker has access to your server, there are a lot of things that it can be used for. A common use is to host illegal content and distribute it to others online. This could be anything from pirated software to child pornography. Attackers could even use your server as a way to distribute malware to others. Since most hacked servers are never discovered by their owners, this provides a safe place to store large amounts of illegal content.
If an attacker thinks you are worth the effort, they would want to have access to your email messages. These could be used to steal financial information or personal data. This could be used for theft or blackmail by the attacker.
Having access to your email account also means that an attacker has access to your contacts. This is a way for them to expand their attack by pretending to be you. This increases the likelihood that the emails will be opened by the potential victims.
Your email accounts could also be used to send out phishing attacks or spread malware to others.
Attackers could gain access to your online accounts such as:
- Messaging apps like: Skype, WhatsApp, Viber, Messenger
A famous incident involved getting access to celebrity iCloud accounts and then downloading their personal pictures. These involved, often very private, pictures. Many celebrities had their nude images posted on the Internet. This is about bragging rights to the attacker. His own reputation went up due to hacking these accounts and gaining access to information that would otherwise never be seen.
You can read about that here.
This type of attack is also about money. An attacker may use ransomware to infect your computer and hold your data hostage. Other forms of ransom are using your data against you. You might be willing to pay money to keep your private pictures from being posted online for all to see.
Another way attackers have done this is to use malware that lets them control your webcam without you knowing. The attacker will take pics of you that might be embarrassing if they were released. The attacker may demand money to keep these pics out of the public view.
A final way this can be done is to threaten to release your surfing or internet habits. We all have something we’d prefer others not to know and might be willing to pay to prevent it.
If a hacker can control your server or computer, then they can use it to attack others on the Internet. This is a great way to hide their own location and make the attacks seem as if they are coming from you.
Do you want your computer to be used to attack an attorney in Spokane?
A common use of this is in Distributed Denial of Service Attacks (DDoS). A denial of service attack is when an attacker sends large amounts of data to a website or server online. The amount of data is too much for the server to handle so it can’t remain online. You may have experienced something like this when you tried to purchase concert tickets for a popular artist and found the site became unresponsive. This is due to so many users trying to access the site at the same time and the site is overwhelmed. Hackers can often do the same thing to websites they don’t agree with. This can be political in nature.
A distributed denial of service attack uses thousands of computers or devices to send the data to the victim. In the past, we have seen attacks coming from millions of infected devices.
Not always about money when targeting your computer
As you can see, there are a lot of reasons why an attacker may want to control your computer or data. While most do resolve around financial gain for the attacker, not all do. Some are as simple as ego or his reputation.
Many people think their data isn’t important or they themselves aren’t important enough to be attacked. This just isn’t the case. If an attacker can make money from you, they will. This is the reason ransomware has been such an effective money make for attackers worldwide. As we depend on our devices and data more, the higher the value of our data becomes.
We have created a PDF document that summarizes this post. You can download that here.
This PDF was based on a document originally created by Brian Krebs at Krebs On Security.