Sony Pictures Breach: 10 Lessons For Business Owners And VARs

Know Adversary Methods

Part of a substantial risk assessment includes gaining an understanding of the organization's adversaries. That includes gaining a snapshot of competitors, understanding the previous threats on the industry and security incidents that may have been handled in-house. Financially motivated cybercriminals steal account credentials, email addresses, personally identifiable information and credit card data. Nation-state espionage threat actors also target account credentials, but typically carry out multi-staged attacks that involve a mixture of low-complexity attacks to gain initial access, and more sophisticated techniques and custom malware to maintain persistence and evade detection. Hacktivists tend to use distributed denial-of-service attacks to disrupt their target. Previous attacks used by Anonymous and other hacktivist groups were so-called smash-and-grab campaigns, out to exploit a website vulnerability and gain access to underlying data. Instead of selling the information on the black market, the data is leaked on underground forums.