Yes, Even You are a Target

There are a lot of very naughty people who want to take the information our organizations have, all of us. It’s their full-time job to figure out how to get it and they use any means necessary – human ingenuity is a powerful thing.

Here is an example just to give you a peek into the scope of what I mean.

Much of this all takes place on the dark side of the Internet, it’s actually called the Dark Web (clever name, good branding, easy to remember). This is where criminal information sharing takes place. Don’t google it, trust me. When I say ‘a lot’ of naughty people, I mean a helluva lot. Reportedly the Dark Web is 500 times larger than the Internet you and I use every day, that’s a lot of websites, web traffic, and users in there.

So while you can’t immediately think of why your particular information, analysis, data, emails, and shoe sizes would be wanted by anyone, there are armies of people motivated to get it, potentially sell it to someone, who could sell it to someone else who could find a use for it. It’s like a really evil combination of Craigslist and Angie’s List for cybercrime information and services but 500 times bigger, completely anonymous, using invisible currency.

For the price of two cups of Blue Bottle coffee, someone can be hired to make your website unavailable for an hour via a denial of service (DDoS) attack – and for the right website, an hour of downtime could mean millions in loss. The point is, there are a lot of bad people highly motivated to do anything for a quick buck and a very, very big market for shenanigans.

You could also be a pretty small entity or organization, a fundraising community or a services firm or online community with privileged information that bad guys could use to get to someone or some other company. Without knowing it, threat actors can play hopscotch in your infrastructure to get to something else.

You can see an incredible infographic of the world’s biggest breaches and it allows you to filter and sort by your industry and type of compromise.