A new year and hacking is already dominating the headlines. Royal Mail confirmed a cyberattack on 10 January, which left it unable to dispatch items abroad; highly confidential documents from 14 schools were leaked online; the owner of KFC and Pizza Hut was forced to close 300 UK stores after a ransomware attack; and T-Mobile in the US admitted a hacker accessed the personal data of 37 million customers. It’s the eighth time the company has been hacked in the past six years.
Uncovering the bad actors behind such nefarious events is often hard to do. In the Royal Mail’s case, a member of the LockBit hacking group came forward to accept the credit. LockBit is fast becoming one of the most prolific ransomware gangs in the world. Experts say its “Ransomware as a Service” model hit more than 850 victims in 2022, mainly in the US, UK and Europe.
As the use of technology has grown in recent years, so too has the number of individuals looking to exploit its weaknesses (and those of the people that rely on it). Every 39 seconds there’s a new attack somewhere on the web, with 300,000 new pieces of malware created every day. But who are the shadowy figures behind the keyboards? How do they find weaknesses to exploit? And why do they hack at all?
Mostly for the money
While some hackers do it for fame, because they’re disgruntled ex-employees or because they view hacking as sport, the majority of cyber criminals do it for the money. Verizon’s 2022 Data Breach Investigations Report found that 86% of the data breaches they analysed were financially motivated. That may mean holding systems or files hostage until a ransom is paid (known as ransomware), stealing personal customer data to carry out identity theft directly, or selling information on the dark web for others to use. Ransomware attacks increased by nearly 500% between 2020 and 2021, with the average ransom payment climbing to more than US$200,000. Cybersecurity Ventures believes the estimated cost of cybercrime will grow by 15% year on year to reach $10.5 trillion by 2025. That would make it the third largest economy in the world, after the US and China.
Small businesses are on the target list
It’s often the big businesses that make the headlines, but attacks on UK SMEs are on the rise. Research in 2022 found half of small and medium-sized businesses have suffered a cyberattack, and 54% of those have suffered a financial loss. Most of these incidents were ransomware and phishing, both of which tend to target employees. Manipulating employees to divulge sensitive information is the easiest method of gaining access to a computer system, and the rise in remote working during the pandemic gave criminals new vulnerabilities to exploit. Yet despite the threat that SMEs face and the cost of a breach, which can stretch into thousands of pounds, only a quarter of SME leaders see cybersecurity as a top priority.