Cybercriminal gangs motivated by money, espionage or hacktivism have grown their operations from a hit-or-miss shotgun approach to tightly targeted hits that pool the skill sets of professional villains. Attacks are precise and calculated. When successful, they yield extraordinary ROI for hackers and often cause crippling damage and costs to businesses, government agencies and consumers.
This IDC Spotlight stratifies threat actors into three categories and summarizes the ways in which criminal groups infiltrate enterprises to drain corporate accounts, steal IP, encrypt data and extort businesses for ransom.
“The drumbeat of high-profile data breaches over the past decade has repeatedly highlighted the failure of organizations to effectively apply basic security best practices,” said Robert Westervelt, research manager in IDC’s Security Products group. In this article he offers three best practices to reduce the risk of data theft.