by Heino Gevers, Senior Director Customer Support at Mimecast
According to Mark T Hofmann, a business psychologist who specialises in profiling cybercriminals, the perpetrators of cybercrime are often 'clever psychopaths' who are proud of the damage they do and feel little remorse for their actions.
And while psychopaths typically lack the ability to feel empathy for their victims, the most effective ones are those that have enough of an understanding of human emotions and behaviour to apply that knowledge in their attempts at manipulation.
In the case of cybercrime, this often comes in the form of sophisticated social engineering attacks that can be very hard to defend against.
Smart, educated, motivated.
Cybercrime is a broad term that covers everything from romance scams and illicit sales on the dark web to cyber warfare between nation states.
However, the cybercriminals plaguing South African businesses are usually black hat hackers, who choose the path of criminality for financial gain or because of an underlying ideology.
Expert opinion is that a typical black hat hacker is a young, well-educated male from a good socio-economic background. Most started experimenting with hacking at an early age, between 10 and 15 years old. And, due to their high level of skill and technical proficiency, most could easily secure employment with any of Silicon Valley's top tech companies.
The reasons why hackers choose a life of crime over a career at a top tech company vary. While most black hat hackers are motivated by financial gain, Hofmann also points to an underlying ideology of digital anarchism. Such hackers distrust the state and 'the system', and see themselves as fighting back against it. In some cases, hackers even see themselves as doing good through so-called 'hacktivism'.
Understanding the motivating factors behind cyberattacks may help security professionals develop suitable defences and prevent end-users from falling victim to these threats.
Preparedness and awareness are the best defence
How do companies - and people generally - defend against the manipulation of cybercriminals?
Firstly, every organisation needs to invest in appropriate cybersecurity tools that provide layered protection against various attack types. Since most attacks - nine out of ten by some estimates - utilise email in some way, effective email security is essential.
In light of the astronomical growth in the use of collaboration tools, organisations need to invest in security tools that protect this vital mode of communication, so that their users can always work with protection in place. However, new research from Mimecast shows that despite South African cybersecurity leaders' confidence in their cyber readiness (72%), the threat of attacks via collaboration tools remains immense, and almost all organisations (93%) have suffered a cybersecurity threat stemming from them.
The research also found that 70% of surveyed employees said they are likely to click on a link to an unfamiliar website or source if they receive it from their line managers. Criminals know that employees are more likely to act on communication from people in authority, so they design their attacks to take advantage of this. They also know that employees tend to assume every person using the same collaboration tool is a genuine member of their organisation, since the tool appears to operate in a closed environment. That assumption is incorrect, as demonstrated by the recent news about Russian government-linked phishing attacks on dozens of businesses via Microsoft Teams.
It is essential that organisations provide effective and ongoing security awareness training to all levels of employees to ensure they can identify and avoid potential cyber risks.
Human error is involved in more than 90% of security breaches. By improving security awareness among employees, organisations can minimise risk, prevent data breaches, save money and protect their reputations.
However, our research found that when it comes to collaboration tools, cyber decision makers are overconfident in the readiness of their organisations to combat cyberattacks via these platforms. Seventy-nine percent felt their organisation had effectively communicated the security vulnerabilities to their employees. This directly contradicts the finding that 41% of employees say they have not received any collaboration tools security training, and only 8% say they have received dedicated training separate from the wider cybersecurity training offered by their organisation. In today's hybrid working environment, this is concerning, and it's clear that the training organisations are offering is not sinking in.
It's also critical that security awareness training is not seen by employees as a punishment for making a mistake or failing an internal phishing test. After all, the people clicking on links or opening attachments are not top security professionals looking for some excitement. They are normal people going through their normal workdays.
By building a culture of cyber awareness that brings the benefits of security awareness to life in meaningful ways, security teams can greatly improve their defences and protect against the hackers seeking to infiltrate their organisations.