“The Reasons behind cyber attacks” (Cybersecurity for business)

Every business, regardless of its size, is a potential target of cyber-attack. That is because every business has key assets criminals may seek to exploit. Sometimes that is money or financial information. At other times, it may be the personal information of staff and customers, or even the business’ infrastructure.
By recognizing the common motives behind cyber-attacks, you can build a better understanding of the risks you may face, and find out how best to confront them.

Why do cyber-attacks happen?

Most often, cyber-attacks happen because criminals want your:
• business’ financial details
• customers’ financial details (eg. credit card data)
• sensitive personal data
• customers’ or staff email addresses and login credentials
• customer databases
• clients lists
• IT infrastructure
• IT services (eg. the ability to accept online payments)
• intellectual property (eg. trade secrets or product designs)
Cyber-attacks against businesses are often deliberate and motivated by financial gain. However, other motivations may include:
• making a social or political point – eg. through hacktivism
• espionage – eg. spying on competitors for unfair advantage
• intellectual challenge – eg. ‘white hat’ hacking

The key point to note is that cybersecurity threats don’t always come from anonymous hackers or online criminal groups. Vulnerabilities can arise within your own business too.
Types of cyber attackers: insiders and outsiders
Cyber attackers broadly fall under two categories: those that pose threats to your business from the outside of your organization, and those that present risks from the inside.
Insiders
Anyone with physical or remote access to your organization’s assets can open you up to cyber risk. For example:
• trusted employees accidentally misplacing information
• careless employees remiss of policies and procedures
• disgruntled employees or ex-employees intent on damaging your business
• malicious insiders with legitimate access to critical systems and information

Business partners, clients, suppliers, and contractors with access to your business-critical assets can also present risk.
Outsiders External cybersecurity threats can come from a variety of sources, including:
• organized criminals or criminal groups
• professional hackers – whether malicious or not
• amateur hackers – sometimes known as ‘script kiddies’
In order to manage cyber risk, regardless of its source, you should fully understand the range of motivations behind possible attacks. if it does happen to your business.

Why is cybersecurity important?

Cybercrime can potentially seriously disrupt and damage your business. As well as commercial losses and compromised reputation, attacks can expose your business to:
• regulatory action or negligence claims
• inability to meet contractual obligations
• loss of trust among customers and suppliers