86% of hackers don't worry about repercussions
Posted on 14 August 2014.
Thycotic announced the results of a survey of 127 self-identified hackers at Black Hat USA 2014. The survey found that 86% of hackers are confident they will never face repercussions for their activities. In a double-edged sword conundrum, 88% of respondents also believe their own personally identifiable information (PII) is at risk of online theft.


Asked which types of employees they would most likely target first in order to gain login credentials for a particular company, 40% of the hackers polled indicated they would start with a contractor. This is especially relevant, given that Edward Snowden was a contractor, and used his privileged access to steal sensitive NSA documents.

Additionally, 30% of respondents would first target IT administrators, highlighting the importance of locking down access controls to privileged accounts.

Other key findings from the survey include:
  • More than half (51%) of hackers say their actions are motivated by fun/thrill seeking, while only 18% say they are motivated by financial gain.
  • Meanwhile, 29% claim they are motivated by social consciousness or a moral compass.
  • 99% of respondents believe that simplistic hacking tactics such as phishing are still effective.
  • 53% of hackers do not believe users are learning to avoid such tactics.
"The motivations and inner workings of today's hacker community have always been somewhat mysterious, but the damage they can do to an enterprise is painfully clear," said Jonathan Cogley, founder and CEO of Thycotic. "Understanding why hackers do what they do is the first step as IT security teams take measures to better control and monitor access to company secrets. Organizations need to do a better job of protecting the passwords and privileged login credentials associated with contractors and IT administrators, as these employees are a huge target for cybercriminal activity."






Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //