Cyber Criminals are individuals or teams of people who use technology to commit malicious activities on digital devices or networks with the intention of stealing sensitive company information, personal data, or generating profit. Cybercriminals are known to access the cybercriminal underground markets found on the Dark Web to trade malicious goods and services, such as hacking tools and stolen data. Cybercriminal underground markets are known to specialize in certain hacking products or services.
Cyber Criminals can be broken down into Five different categories:
Script Kiddies: Hackers who hack using other people’s software, oftentimes bought on the Dark Web. These hackers do not typically have the skill to write their own exploits or code their attacks.
Organized Crime: These hackers hack for financial benefit. These hackers can be working on behalf of large hacking operations.
Nation-States: These hacking organizations hack to benefit their nation from intellectual property theft, physical protection, or global advantage perspectives and motivations.
Hacktivists: Hacktivists hack for a social, political, or activist cause. They are not motivated by financial gain, curiosity, or national advantage.
Black Hat, Grey Hat, and White Hat hackers: Hackers with varying motivations, goals, and objectives. Black Hat hackers hack strictly for their own pleasure and benefit. Grey Hats hack for good and for illicit purposes depending on the situation. White hat hackers, hack for the benefit of society, businesses they support and try to limit any damage through unethical disclosure of hacking exploits they identify.
Recommendations for Business Owners
In order to stay secure, your company needs to take proactive measures to reduce its chances of being compromised by cyber-criminal attacks. CyberHoot recommends the following best practices to avoid, prepare for, and prevent damage from these attacks:
- Adopt two-factor authentication on all critical Internet-accessible services
- Adopt a password manager for better personal/work password hygiene
- Require 14+ character Passwords in your Governance Policies
- Follow a 3-2-1 backup method for all critical and sensitive data
- Train employees on cybersecurity skills they need such as strong password hygiene and how to spot and avoid phishing attacks
- Test that employees can spot and avoid phishing emails by testing them
- Document and test Business Continuity Disaster Recovery (BCDR) plans
- Perform a risk assessment every two to three years
Start building your robust, defense-in-depth cybersecurity plan at CyberHoot.
If you would like more information on this topic, watch this short video:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like. You might have seen some of these resources on our social media outlets, which are also listed below for your convenience. Give us a follow!
- CyberHoot’s Blog
- Cybrary (Cyber Library)
- Infographics by CyberHoot
- CyberHoot’s Monthly Newsletters
- CyberHoot Press Releases
- CyberHoot Platform Instructional Videos (HowTo) – very helpful for our Super Users!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’. Sign up for the monthly newsletter to help CyberHoot with its mission of making the world ‘More Aware and More Secure!’