Network defense must improve as hacking profession matures

Network defense must improve as hacking profession matures

Cybercrime is becoming a lucrative business, and the low cost of entry coupled with a potentially high return on investment has fueled the spread and sophistication of the hacking profession. And like any other business, it’s maturing as cybercriminals hone their skills and tools.

A new white paper from security firm Kaspersky Lab provides insights into the cybercrime ecosystem, which can help security officers to better defend networks:

More efficient tools. Kaspersky Lab’s research found that while the number of new malware files fell in 2015, the number of users affected grew by 5 percent, indicating that less expensive attacks targeting high-value accounts is delivering a better ROI. Forty percent of ransomware victims, for example, pay to have their data unlocked. Cybercriminals are also using encryption to make the detection and analysis of malicious code more difficult.

Better targeting. Small and medium sized businesses are increasingly targeted, especially subcontractors to large organizations. A successful attack could give hackers access to the “mother lode” of information stored in larger enterprises, the way stolen network credentials from an HVAC contactor paved the way for the Target breach.  The Department of Homeland Security reported 31 percent of cyberattacks are aimed at business with less than 250 employees, Kaspersky noted.  Additionally, Kaspersky found peak activity occurring Monday through Thursday, when an average of 80 percent of distributed denial of service attacks take place.

International access. According to Kaspersky, cybercriminals use anonymization technology such as Tor and Bitcoin to hide command servers and financial transactions They also prefer hosting services in countries where the hosting market is well-developed.

Insiders. Employee fraud costs small and medium sized business  up to $40,000 on average.  For larger enterprises, this figure exceeds $1.3 million. 

Cyberhygiene. Aside from the malicious insider threat, employees’ poor cyberhygiene can also cause irreparable damage to network security. Kaspersky research discovered that the largest single cause of data loss stems from employees, who accounted for 42 percent of confidential data lost in 2015.         

Download the Kaspersky report here.

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected