Understanding Targeted Attacks: The Impact of Targeted Attacks
In the first part of our ongoing series about Targeted Attacks, we discussed what a targeted attack is, what constitutes as one, and how different it is from other types of cyber-attacks. In this latest entry, we’ll be talking about how a targeted attack could impact not only the targeted organization, but also its customers, like how these incidents could put either side in dire financial straits or a severe public-relations fiasco. It could also cause mass unemployment, compromise national security, or stiff penalties for those responsible.
How does a targeted attack affect the target?
The impact of a targeted attack varies, depending on the target and the intent of the attacker. Based on the bigger attacks we’ve seen and the huge, all-encompassing effects they have, here's a list of the most common effects a targeted attack may have on a company in general:
- Business Disruption: The company is rendered unable to perform its daily tasks and operations, either because the attack caused system downtime, or because manpower had to be diverted to deal with the attack itself. This happened with the attack last year on TV5 Monde, where a targeted attack caused the network to shut down its operations, causing 11 channels to completely go off the air.
- Intellectual Property loss: The company’s own intellectual property may be stolen, as in the case of the hacking of RSA, where data pertaining to their SecurID two-factor authentication system was stolen. The Sony hacking incident also resulted in the leak of their unreleased movies as well.
- Customer Information loss: The company’s information database of their customers’ PII (personally identifiable information) may be broken into and stolen, which can result in their customers being at risk for identity theft, blackmail, extortion, or worse. This is one of the most common results of a targeted attack, and was exemplified in breach incidents that involved huge retail chains such as Target and Home Depot, where millions of customers had their PII stolen.
- Reputation loss: The company reputation is tarnished when they are seen as incapable of being trusted with data critical to consumers and/or national security. This may hit them hard enough that the effects extend outside of the digital world, such as the company being sued or the CEO being fired/having to resign. This was seen in the Ashley Madison hack, where CEO Noel Biderman resigned following the incident, and the compromised account owners had to deal with the effects of having their accounts and activities publicly revealed.
- Financial loss: The company may be hit with financial losses either due to legal troubles stemming from the targeted attack (i.e. class-action lawsuits) or a loss of clients (due to bad faith resulting from the attack). The company may also have to spend millions of dollars in reparation of the damages caused, as well as the investment needed to prevent future attacks. This was exemplified in the Target data breach, where the company spent more than US$100 million upgrading their systems to prevent another breach, besides suffering a 46% drop in profits after the attack itself.
How can a targeted attack affect the target's customers?
In cases where the targeted attack results in a data breach and the targeted company has customers, those that the targeted company or organization supports can be at risk for the following:
- Identity theft: with a data breach, the PII (personally-identifiable information) of customers may be leaked, such as real name, address, telephone number and other information. This may be used for malicious purposes by other attacker groups and opportunistic cybercriminals, such as for extortion.
- Blackmail: Cybercriminals may also use the leaked information to extort money from the affected customers, similar to what happened during the aftermath of the Ashley Madison data breach.
- Financial loss: Leakedfinancial information of customers can be used to steal from their online banking accounts.
- Reputation loss: Depending on the kind of information leaked by the data breach, it could also tarnish the affected customers’ reputations, as with the case with the Ashley Madison data breach.
What are the unseen implications of a successful targeted attack?
For the affected company, it will mean more costs to secure their system against possible future attacks, besides having to spend more to regain their clients' trust and rebuild their brands' reputation. This could involve a complete overhaul of their system, their network infrastructure, as well as some public layoffs of those deemed to have been responsible.
The affected organization will also have to cooperate with law enforcement and security vendors in order to find the parties responsible – and all of this can result in more losses for the company. Combine that with the disruption of operations that the targeted attack will cause before, during and after the fact and it can be considered as a ‘killing’ blow to a company—especially one that's reliant on customer revenue.
For the customers, it involves an increasing distrust in big companies and/or government organizations, as well as attack groups becoming bolder with every success. The employees of the targeted company will also find themselves mistrusting their employers, or being publicly shamed/interrogated by irate customers because of their employer’s inability to secure their data.
As we can see, the impact of targeted attacks is far-reaching, and doesn’t just involve the target company. This makes it doubly important for organizations and high-risk targets to ensure their protection. Solutions like the Trend Micro Deep Discovery threat protection platform enable companies to detect, analyze, and respond to modern threats such as sophisticated malware, targeted attacks and APTs.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale