One of the great advances in cyber-crime of the past five years has been the utilization of “big data” to target market victims. You can think of the marketing similar to how businesses would look at segmenting a market. Attacks can be “horizontal”, “vertical” or “targeted” in approach. By using publicly available information and their own data stores, criminals are able to segment the market and use marketing techniques to trick victims into clicking.
Data sources for the attacks include LinkedIn, Google, Facebook, Hoovers, and dark web data sources. There are third party apps that gather data through data sharing agreements with all of the big data gatherers and reconstitute the data in more usable forms. For example, it isn’t easy to pull a list of all the employees in the US that have the title Human Resource Manager from LinkedIn. Using an app like Growbots, that data is just a few clicks away. The demographic data obtained would include name, title, address, phone number, and e-mail address. As the criminal works through their marketing campaign, they determine what type of attack they are going to initiate, and then begin the work of gathering data. For horizontal campaigns, the criminals target a specific department most companies have, like Human Resources or Accounts Payable, and get a list of managers for that department. For vertical campaigns, the criminals may select an industry, like healthcare, and get a listing of doctors and practice managers. Examples of horizontal and vertical attacks include Ransomware attacks across many departments and businesses around the globe.
State sponsored criminals are more likely to target specific companies. These companies would be of interest for military purposes, financial gain, or for top-secret information. In targeted attacks, criminals will also use physical access to the target’s offices to look for clues on how to penetrate defenses. Yes, dumpster-diving is alive and well even in this high-tech age. Criminals will pretend to be employees or vendor service representatives to gain access to facilities in search of login credentials for future attacks. In order to spend the time and resources for physical attacks, the data to be obtained has to be of very high value. The Wall Street Journal recently reported that public utilities had recently discovered they had been breached and that criminals had the ability to impact the delivery of services. Other examples include the attack by North Korea on Sony after the release of a motion picture critical of the North Korean leader.
The question isn’t whether your company has been the target of a cyber-attack, the question is whether your company has technology in place to stop successful attacks and that your employees are trained to be on-guard for well-crafted marketing campaigns of criminals. Without these measures in place, it's only a matter of time before cyber-criminals compromise your business.
Click HERE for more details on target marking.