6 Types of Hackers Businesses Should Protect Against

The first business hackers had an innocent motive: they were searching for programming shortcuts that made computing tasks faster. In the late 1960s, programmers started using what they called “hacks” to bypass the programming language of their employers’ mainframe computers. The hacks they created actually helped their companies. Computer tasks were completed faster, and some of the hacks were added to the mainframes

Today, when someone hacks the IT system of a business, they typically do it with a bad motive. Because IT staff have greater leverage to improve their employers’ IT than they did 60 years ago, the only time an IT system is tinkered with, without approval, is usually when someone has the wrong motive.

Right now, there are six types of hackers out there who have that motive, and who strike more frequently than other business hackers. You can protect your business against these hackers with proactive cyber security from NIC.

1. Customer Information Thieves

Hackers who steal sensitive information that a business collects from its customers are a driving force behind data theft statistics. In the IT departments of many B2C businesses, the notion of “business hackers” is equivalent to “information theft.” This is also becoming the case for the general public, as identity theft spawned from information theft grows.

What They Want

These types of hackers want two types of information: credit card numbers and personal information for securing credit lines and loans. When they get what they want, they do one of two things. They use the information to commit fraud or sell the data on the black market. Forensic IT investigations often reveal an unsettling fact: fraudsters often aren’t the ones who initially stole the customer information they possess.

Who They Target

Information thieves generally look for two things: a fairly large volume of information to steal and a fairly good chance of the theft succeeding. Taking a large data haul from a large business may seem ideal for these types of hackers. But targeting a specific type of small business can be more lucrative.

A small business that is nearly midsize and that has a mid-level data store guarded by a low-level security solution is prime pickings for an information thief. The low-level security solution may be a quality product that gives a hacker a headache, but it’s likely not as robust as systems that protect the same type of data, except in volumes twice as big and twice as valuable.

Business hackers bring a truism to data theft: cyber security that doesn’t suit a database suits a data thief.

2. Proprietary Information Thieves

Stealing customer information, and profiting from the theft, is generally easier than doing the same with proprietary information. Monetizing the latter is usually more complex due to the fact that it must be done within a business context. This makes it harder to sell on the black market. But if the hacker has the capacity to profit from a trade secret, or when a buyer is finally found, a successful proprietary information theft can be richly rewarded. Former employees, who know the true value of the information, are often the culprits.

What They Want

These types of hackers seek proprietary information of a specific kind, from a specific business. Having once been former employees or trusted consultants to their target, they usually know the information and the source from the start. While there are indeed cases of total strangers stealing trade secrets, designs awaiting patents, and other articles of an executive order, knowing the value of the guarded information is naturally born inside of the company that possesses it.

Unlike a large store of customer information, where every piece has an estimable value, proprietary information is not a hacker’s bag of treats. The quality of the information — not the quantity — is what makes it golden. Any information that could be advantageous to your competitors is a potential target.

Who They Target

A small business that is on the verge of being a force within its market, or midsize business that’s just beginning to make waves in its industry, is often an ideal target. Novel information that drives success, but which has yet to bring success to full fruition, often has of value to a company’s competitors.

3. Cause-Motivated Hacktivists

Instead of seeking advancement through personal gain, hacktivists seek a group’s advancement by supporting its cause. More often than not, that cause is to free themselves, or another group with which they sympathize, from what they interpret to be oppression by a stronger group. In some instances, hacktivists are good stewards to society, who fight corruption. But quite often, their own cause is rightly viewed as corrupt. They wear a “black hat,” but try to draw attention away from it by donning white gloves, so to speak.

What They Want

These types of hackers promote a cause by attacking its opponents. It’s as if they are ground troops, while politicians and/or moral leaders associated with the cause hold high command. If the leaders say that hacking for the cause is unacceptable, the hackers usually view the statement as a public relations move and keep hacking away at the opposition.

Because the cause is often advanced from the fringes, these hackers want to blaze an easier path for its advancement to the interior. But there’s a problem: the hacking itself scandalizes the cause by associating it with high-level trickery, which only serves to keep the cause in its political hinterland.

Who They Target

Almost without fail, hacktivists target an entity that they believe is degrading the dignity of an innocent group. Corporate entities that outsource jobs overseas and commercial entities that use animal test subjects are common targets. A company that arguably harms the environment in an ongoing way is also at risk.

In what’s often an unjust scenario, businesses that have only minor business ties to the prime targets are attacked, too. That tells us something about the intense disdain hacktivists hold for their opposition. One thing is certain: hacktivists rarely lack passion.

4. Homeland-Approved Hackers

Some business hackers are motivated by nationalism, which Oscar Wilde called “the virtue of the vicious.” These types of hackers have been requested by their nation to apply their hacking skills to its global ambitions. Unless their nation is at war, and they are attacking the enemy, these hackers typically don’t wage classic hack attacks on foreign targets; at least, not while they are hacking for their own government. Rather than waylaying the IT networks of another nation, they seek to quietly gain information that the networks hold.

What They Want

They typically want Information that will inform their government’s stance toward non-allies, particularly data that gives economic insight into a non-ally’s standard of living, and information that makes military decisions toward the non-ally more knowledgeable. In the end, they often amass what amounts to a “profile” of a nation, as seen by what its IT networks reveal. But to have its network probed by a foreign state will obviously be taken as a serious affront by any business.

Who They Target

Government and military organizations are common targets, as are companies that set industry standards. For the sake of informing macro observations, the networks of smaller entities — particularly those providing essential goods and services — may be examined. If there’s a bright side to the underhanded activity, it’s that it typically strives to be unobtrusive, but only so it can remain undetected. However, even when the intent to cause harm is not a part of a hack, considering the secrecy that swirls around the event, the businesses that are targeted can never be quite sure.

5. Personal Vendetta Vigilantes

The desire to repay businesses for doing them perceived wrong turns some people into business hackers. More often than not, these aren’t professional hackers; they don’t attack very often, and when they do, it’s not for gain. But this doesn’t mean they don’t possess top hacking skills. If they can hack into a network to begin with, it likely indicates they have worked, or at least studied, in IT. The goal of their attack is typically to publicly embarrass a business or to cause it a major headache internally.

What They Want

These types of hackers want to see a business suffer because they believe it treated them wrongly. If they simply feel offended by what happened, they’re likely to retaliate only once. But they see it as a setback that continues to make them suffer, they may try to make the business do the same.

Who They Target

Hackers who take revenge on a business by attacking its IT typically have one of two targets: a former employer, or the provider of an expensive, essential product or service. An employer is typically attacked because the hackers feel they were fired unjustly. When they target a provider of products or services, it’s often because they feel they were cheated over a deal for something that was necessary and costly, such as a vehicle, or health care.

6. Pursuers of Schadenfreude

Some hackers increase your German diction.“Schadenfreude” means “pleasure derived by someone from another person’s misfortune.” That “someone” is most often a casual observer to the misfortune, but there are also times when he creates it, in the form of hacking. Serving nothing but the hacker’s lust to observe suffering, the severity of this type of attack varies widely. It’s highly dependant on two factors: a hacker’s penchant for sadism and his IT skills.

What They Want

Sometimes, these types of hackers intend to play a serious joke that doesn’t cause serious harm. Less frequently, but not exactly rarely, the damage is heavy enough to seem motivated by revenge. Most of all, these hackers want to see evidence of the misfortune they cause, which they must often do from a public point of view. Causing a business’s customer website to go temporarily offline, as opposed to crashing its intranet, is an example of a preferable result.

Who They Target

Hackers who cause trouble for trouble’s sake have a simple victim selection process: they target businesses that have weakest cyber security, plain and simple. The only thing that refines the attack is the hacker’s desire for observable results.

Contact Us Today for Proactive Protection

Is your business protected against the six types of hackers above? If you haven’t reviewed your cyber security policy recently, the answer could be no. If you need better protection, the good news is that you needn’t implement six different security strategies to be protected. NIC can customize a cyber security solution that proactively protects your entire network against various types of business hackers. Contact us today to schedule a free consultation.

Providing solutions to fit your organization’s IT needs

IT Partner