If you've seen the news recently, you've likely noticed that several huge companies around the world have come under siege from cyberattacks. But do the hackers do it for fun, or is there a larger reason behind these attacks?
So why do hackers hit huge companies? Is it a one-off or a sign of problems to come?
Which Companies Are Coming Under Siege?
Mid-2021 was a bad time for cybersecurity. It started when hackers managed to take down the Colonial pipeline with an attack. This one attack caused the US oil prices to rise as companies didn't get their usual amount of gas.
Just a few weeks afterward, another attack took down the world's largest meat supplier located in Australia. While it's too early to see the ramifications of this attack right now, it will likely affect the meat industry, just like the Colonial pipeline attack.
These attacks are part of a potentially larger wave of sieges against some of the planet's most sensitive and time-critical industries.
But why are the attackers doing this? Is it for fun or mettle? Are they hired by rival companies, or is it something else entirely?
Why Are Cybercriminals Attacking Critical Businesses?
To better understand what these criminals wanted to achieve, we need to look at their methods. It's not enough to say that a company was "hacked" or suffered a "cyberattack" because those two terms can refer to a wide variety of different methods.
As such, if you take a closer look at what was "hacked" or "attacked," you can piece together an idea of what the attackers wanted to achieve. In this case, both the pipeline and Australian meat company attacks had one thing in common: ransomware.
Ransomware is a nasty strain of malware. It usually hides away in a file, masquerading as something innocent. When the unsuspecting user opens it, it immediately locks down the target device and encrypts all of its files before spreading as far as it can over its network.
Once the ransomware has properly settled in, it makes a compromise: either the victim pays a huge sum of money to an anonymous account, or they'll never get their device and files back. That's why it's called "ransomware"; it effectively holds your PC to ransom.
Just like real-life ransom demands, ransomware developers are in the business for one thing: money. Every time someone pays the ransom, it fuels the developers and encourages them to spread their malware further.
As such, ransomware developers likely did both the Colonial pipeline and meat company attack for the sake of getting financial reward. This goes double after the attackers of the Colonial pipeline apologized for the interruption to public life but reiterated that their goal was "to make money."
Why Do Criminals Attack Big Companies Specifically?
So we know what tactic the cyberattackers used and what their end goal was. However, why did they have to target big businesses that caused such a huge impact on people's lives? Why not go for a company that wouldn't affect civilians around the world?
To answer this, let's compare the Colonial pipeline attack to an imaginary ransomware siege on a local library. In both situations, the attacker wants the victim to pay a ransom so they can make money.
However, the effectiveness of the attack depends on two elements: the effects of the downtime and the amount the victim can afford to pay.
The Importance of Downtime for a Ransomware Attack
Because ransomware locks up a system, it creates downtime. When a company suffers from downtime, it "loses money" as a result. The longer a system is down, the more money the company loses.
Of course, they don't physically lose money during downtime. It's just that the downtime causes a loss in person-hours, which reduces daily profits. So, for instance, if a huge factory makes $2 million worth of product a day, and a ransomware attack forces them to shutter for a day, they have effectively "lost" $2 million.
This element is important to ransomware developers because the higher the cost of downtime is, the more likely the victim will pay to free up their system and prevent further losses.
For our local library, the cost of downtime is meager—perhaps someone gets away with an overdue book or two. However, when the biggest oil pipeline in the world goes down, that's a lot of lost money and a huge amount of pressure to pay the ransom and get the system back in working order.
The Importance of Payment for a Ransomware Attack
Don't forget that the goal of a ransomware attack is to earn its developers money. As such, the bigger the payout from an attack, the better.
If the hacker attacked the library we imagined earlier, how much do you think the hacker would earn? Libraries aren't exactly rolling in cash, so if a ransomware developer hits one with a $2 million ransom, they're unlikely to pay and will instead accept the loss. That means no money for the ransomware developer.
But what's $2 million to the world's largest oil pipeline? It's far more probable that a big company will shell out for a huge ransom, especially if paying up will cost them less than leaving the system locked up.
How Can You Help Defend Against Cyberattacks?
Of course, if you don't work in a big business, it's unlikely that you can do much to prevent these huge ransomware attacks from happening. However, if you do, you have to realize that you are a vector through which a malware developer can spread ransomware.
If you find this hard to believe, take some time to ponder how a hacker gets ransomware onto these huge systems in the first place. You may be imagining a Mission Impossible-esque scene where a hacker slowly descends from a wire, dodging laser beams to reach the computer. The reality is more boring than that.
Typically, a malware developer delivers the payload by shooting an email to the employees of the company. The email contains a malicious extension that contains ransomware. All it takes is for one employee to click it, and the ransomware deploys and spreads across the company network.
As such, if you work for a large company, you are at the forefront of the cyber warfare scene. So naturally, therefore, it's up to you to ensure you don't download anything nasty and send your entire company into ransomware hell!
Of course this is similarly true for individual accounts: ransomware is a big threat to everyone.
Big Business Means Big Money for Ransomware
One could argue that it's selfish for ransomware developers to target big businesses, especially if their malware affects innocent civilians too. However, as long as there are time-critical systems, they will always be a prime target for ransomware developers who want to make a huge amount of money.
Ransomware doesn't just target big businesses, however; you'll sometimes find some out in the wild attacking individuals rather than companies. As such, it's a good idea to wise up on ransomware, how it works, and how it can affect you to prevent future headaches.
Image Credit: JARIRIYAWAT/ Shutterstock.com