Hackers Today Act More Like Small Businesses Than Thieves

MAY 20, 2016 • Blog Post • BY SUE POREMBA, HPE MATTER

IN THIS ARTICLE

  • Hackers are no longer one-person operations—they actually behave like small companies, with customer support services and accounting teams
  • Like any business, hackers want to make the most amount of profit with the least amount of effort

New HPE report details how today’s cyber criminals operate more like sophisticated small businesses than teenage troublemakers

Forget the stereotype of a hacker as a twenty-something male huddled in a corner of his parents’ basement figuring out how to break into networks late at night. Today’s hackers have more in common with the folks who operate your favorite coffee shop or e-commerce sites than they do with kids looking to cause trouble.

Hackers aren’t just one-person operations. According to a new report from Hewlett Packard Enterprise (HPE) titled “The Business of Hacking.” The report found that hackers actually behave like small corporations.

“Hackers are working together in specialized roles,” explained Kerry Matre, senior manager, Security Portfolio Marketing with HPE. “They have all the pieces of a sophisticated business just like any other organized business.”

In addition to the programmers and developers, there are also those who handle customer support services and financial interests. The “employees” are recruited and vetted, just like they would be in any other type of business.

  • Hackers are working together. They have all the pieces of a sophisticated business.

Not every hacker is a sophisticated computer user. Instead, cyber crime organizations depend on diverse skill sets to help each other. What sets hacking businesses apart from other SMBs is that hackers are a bunch of contractors who are anonymous to each other.

Successful small businesses always keep an eye on what their competitors are doing. It really is a matter of keeping up with the Joneses—if your business isn’t able to stay up with trends and
technology, your sales will suffer. Matre pointed out that because hackers operate so similarly to small businesses, they need to be taken as seriously as any other competitor.

“When our businesses are looking for ways to innovate, or release new products, or even move
infrastructure to the cloud, we need to take hackers into consideration and how they look at us as a way for them to make money,” Matre said. 

Like any business, hackers want to make the most amount of profit with the least amount of effort. That’s why Matre advises SMBs to think of hackers as competitors rather than adversaries. But instead of thinking how your competitor is running the business to be more successful than yours, consider what you are doing to make your business a target for hackers. “If I’m less of a target and harder for them to attack, they’ll move on to someone else.” 

Protect your business from professional hackers. CLICK HERE TO LEARN HOW.

The report also discovered that the opportunities for hackers are very similar to those for the average small businesses. “We see them moving toward theft models,” Matre explained. “They are able to rent botnets to perform their attacks, and they outsource tool creation. They are even turning to mobile payments.” 

However, no matter how much hacking mirrors the small business model, there is one huge difference: cyber criminals don’t want you to know about their operation. Instead, they wheel and deal in underground marketplaces.

Because everyone is anonymous in these marketplaces, there is a huge sense of paranoia toward newcomers. To be able to operate, hackers need to build a good reputation. “You can develop your reputation as an attacker or by providing goods and services or intelligence to the community,” Matre said. 

“That’s how many small and medium-sized business works,” she added. “You need to build up your reputation, show how good you are and that your services are strong and unique.”

To read the full results from HPE’s “Business of Hacking” report, CLICK HERE.

For more information, download HPE’s third annual State of Security Operations whitepaper and 2016 Cyber Risk Report.

RELATED NEWS