As the methods of cyber criminals evolve, so will their motives. With this in mind, we may see a change in the way society perceives the hacker as they embrace new aims beyond simple financial gain.
The stereotypical image of the hacker is that of a criminal attempting to breach companies’ defences for financial gain. However, this could change to one more comparable to a protester or activist. Recent years have seen the grow of widespread protests for political, economic or environmental causes.
This and other cybersecurity trends was explored in The Future of Cybersecurity: 2020 Predictions, published by Finextra Research.
Financial services businesses should be aware of cyberthreats that are designed for protest rather than theft. These come in the form of Distributed Denial-of-Service (DDoS) attacks, an example of which took the UK Labour Party’s website offline in November 2019.
It may be common in the wake of a DDoS attack for the party targeted to state that the threat was identified and dealt with without any compromise of data. This is however not necessarily the point of such an attack. DDoS cybercrime should be compared to a sit-in or some other form of public protest. Therefore, any disruption to the targeted website is a victory for the offensive party.
“There’s a whole range of different threat actors out there, so you need to think about who they are and what are their motivations,” Steve Holt, partner at EY, says.
“DDoS attacks have been used against banks for a long time and will continue to be used as means to disrupt financial services. The complexity of these attacks will continue to increase.”
“These types of attack are meant as an annoyance to financial institutions, but they can be used in combination with sophisticated attacks of this nature to disrupt or slow down financial services’ business,” head of EY’s EMEIA Cyber Centre of Excellence.
Means and motives
Public protests often target the world of finance and business whether directly or indirectly. The Extinction Rebellion protests in October for example blocked roads outside the Bank of England and specifically targeted planes at the single-runway but business-centric City Airport rather than the far larger Heathrow.
In this context, it is conceivable that such movements will swap blocking roads and mounting tube trains for DDoS attacks on large companies with the help of seasoned cybercriminals.
Dries Watteyne, head of SWIFT’s cyber fusion centre, however believes the ultimate motive of hacks is and will continue to be financial gain.
“When we conduct forensic investigations for our customers, we see an increasing level of sophistication from cyber criminals in how they go about de-frauding banks.
“DDoS attacks are used to obstruct or disrupt an organisation, rather than to fraudulently obtain money, so I don’t think it falls under the umbrella of what cybercriminals are using to target financial institutions in the payments space but that doesn’t mean we can ignore them.”
“DDoS attacks are akin to staging a protest outside your bank branch,” sums up Horvath. “However, they could be used as a diversion while the Ocean’s 11 team are climbing up the walls!”
Either interpretation points towards the means and motives as well as the common image of the hacker evolving, which financial institutions need to be aware of.
“It’s possible the hacker subculture is, and always was, somewhat misunderstood,” states Inga Schorno, head of information security at Tandem.
“It’s likely that they are perceived as deviant criminals, but in reality, hackers are individuals who love technology and find it a challenge to expose flaws within the existing structures and systems.
“It’s likely that their motives are evolving or changing. If financial institutions are observing and thinking about it from that perspective, they could look to better focus their security efforts on these new motives.”
Click here to download 'The Future of Cybersecurity: 2020 Predictions'.