Profiling cybercriminals: Whose attacking network security systems?
The recent high-profile data breaches at major retailers across the country have brought payment processing security to the forefront of industry discussion. Regardless of the size of a company, protecting sensitive customer information is of the utmost importance. Business owners must recognize not only where they may be susceptible to an attack, but also who the perpetrators are.
According to a recent Jumio® infographic, cybercriminals are relatively cookie-cut in that their demographic is largely the same. More specifically, the majority of cyberthieves are between 29 and 49 years old . Nearly three-quarters of these individuals are male, and more than half work in groups of six or more members. Another 25 percent of these people have operated for six months or less, but that's not to demean their hacking capabilities.
Where do they come from?
Regardless of how much or how little experience these hackers have, business owners need to be aware that cybercriminals are a threat to their network security. Even if hackers have less than six months experience working together, they're likely in the position they are now because they possess a deep knowledge of digital technology and coding. Cyberthieves work in tandem and often do so from varying locations - a strategy used to limit traceability to the source.
Jumio found nearly half of global attack traffic germinates from the Asia-Pacific region, while another 28 percent arise from Europe. Just 19 percent of attack traffic accounted for came from North and South America. Cyberthieves can work with one another, thanks in part to remote hosting providers. These servers - most of which are located in Russia and China - store illegal code, malware and stolen data. Cyberthieves can also communicate with one another in real time through chat rooms on underground Web portals and marketplaces.
These illegal markets are buried deep in the internet, far beyond where the common consumer is used to visiting. Underground sites are a conduit for criminals to hire other hackers and buy malware and other potentially harmful software. These websites are also typically where consumer credit card information is auctioned off to the highest bidder.
What motivates these criminals?
The depth of knowledge of each criminal may vary. So too do the motivating forces behind each cyberattack. According to Marcus Rogers, head of cyberforensics research at Purdue University's department of computer technology, the desire for an attack can fall between a simple adrenaline rush and acquiring mass amounts of stolen capital.
Rogers added revenge and criminal status are two other major motivations for serious hackers.
Whatever the case may be, it's critical to understand that any type of business, regardless of its size, may be susceptible to a data breach. Those that aren't prepared to protect their customers' sensitive information could be legally liable and face drastic penalties, in addition to crippling financial loss.