How Hacker Companies Operate Like Real Businesses

October 10, 2020

It’s all part of the day-to-day running of a business: sales and marketing, ROI, quarterly performance statements, investment reports, salaries, bonuses, and expense accounts. Any organization must account for all of these elements, including those in the hacking industry. “Hacker companies” run their operations just like any other, and they’re raking in the money every step of the way. In fact, a mid-level cybercriminal can make up to about $900,000 a year if they’ve got the skills.

Hackers have become more complex than ever, and organizations must know how to protect themselves against these groups of highly sophisticated cybercriminals. Keep reading to learn what a hacker company is, how they operate, and how you can stop them from infiltrating your network.

What is a Hacker Company?

A hacker “company” is honestly just like any other operation that needs financial backing. There is a group of skilled hackers who will accept hacking tasks and work together to get the job done. As mentioned, this is a lucrative business. Cybersecurity Ventures forecasts cybercrime to cost the world $10.5 trillion annually by 2025.

Hacker companies need investors who will front the cash to pay experts, who in turn will deliver the goods. You could imagine what a “Bad Guy Hackers Inc.” board of directors meeting looks like: “Guys, we got a big contract to get the medical records of the clients of X insurance company. The client wants it done by Y date, and they’ll pay us a bonus if we deliver early. The project is going to cost Z dollars, do we have that, or do we have to go out and raise it?”

How Do Hacker Companies Work?

When a hacker group decides to take on a job, they look at the costs, the resources, the risks, and anything else a “regular” company would. And like any other organization, hacker “companies” will seek to maximize their profit and minimize their outlay – and they’ll do that by taking the path of least resistance.

For professional hackers, that means, among other things, developing ways to ensure that they can deliver their payload. In order for hackers to do their jobs — whether it’s stealing information from company databases, or inflicting malware on an unsuspecting target — they need to get their code onto the target’s computers or servers.

What’s the best way to do that? Statistics show that phishing messages are the most efficient delivery method for malware. Ninety-one percent of successful malware attacks in recent years arrived via email that was opened by victims, enabling hackers to implant trojans that would deploy and infiltrate the network. Meanwhile, over 30 percent of all phishing messages are opened by targets, despite ongoing educational efforts by companies urging employees to avoid opening “suspicious” messages. This means that hackers can rely on phishing messages (usually with a “touch” of social engineering provided by Bad Guy Hackers Inc.’s resident psychologist). Those statistics are what make hacking such a lucrative career path; victims are so compliant in enabling hackers to spread their malware that it’s almost as easy as taking candy from a baby.

Preventing an Attack from a Hacker Company

Now, let’s talk about the victims’ side. Knowing what we do about how Bad Guy Hackers Inc. operates, it stands to reason that the number one way to protect ourselves from them is to cut off their access to our inboxes. If phishing and social engineering are so effective in enabling hackers to succeed, ensuring that they cannot reach targets is the best way to stop them.

How, then, should we defend ourselves? There are three basic methods that will help prevent poison messages from hitting user inboxes. Some are more effective than others, so let’s take a look at the advantages and disadvantages of each:

1. Antivirus/Filters:

For years, signature-based filters and antivirus programs have been the standard method of fighting malware. The system is very effective against known malware – but not as effective against zero-day attacks. In the second quarter of 2020, about 67 percent of all malware consisted of zero-day attacks. This means that while e-mail filters may slow down hackers, they won’t stop them. And what professional hacker worth his or her salt would use “off the shelf” code anyway? While antivirus is a popular method, it simply does not get the job done these days. In order to keep your network completely safe, you will need stronger security measures in place.

2. Sandboxes:

More sophisticated than anti-virus programs, sandboxes have the capability of examining messages before they get to users’ inboxes, so they could be an effective method of preventing malware from infiltrating systems. If a message checks out, it is allowed to advance to a user’s inbox; if not, it’s trashed.

Unlike anti-virus programs, sandboxes don’t require a signature file to work; if something seems anomalous, the sandbox will keep it out. However, malware often comes attached to legitimate messages — and the sandbox, unable to differentiate between the elements of a message, will prevent the entire message from going through. As a result, the flow of work is interrupted.

In addition, sandboxes are unable to examine VBA (Visual Basic for Applications) macro malware, often part of Word documents. If a message appears clean, and the attachment is a simple Word file, the sandbox will wave it through – with targets still providing hackers with opportunities to earn their pay.

3. File Sanitization:

A relatively new technology used by several vendors in the industry keeps malware away by dissecting incoming messages, files, or links that try to make their way onto a server. Located in a buffer area before the company network, CDR (Content Disarm and Reconstruction) systems use file sanitization to examine all incoming files down to their lowest data level and check them for any known threats. Thus, any malware, zero-day or otherwise, gets “arrested” before it finds its way to a user’s inbox, cutting off the hacker’s “easy pass” entry into the network.

Security analyst firms, including Gartner, have suggested that more and more organizations will need to add CDR into their arsenal of tools to protect against the ever-growing threat of cyberattacks. This is due to the fact that the effectiveness sandboxes once had in stopping hackers in their tracks has long dissipated. For example, the recent Colonial Pipeline attack easily evaded traditional security measures and left many organizations without any time to react. In other words, detection-based solutions are no longer enough, and file sanitization is the way of the future.
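To make the file-sanitization idea concrete for the macro-bearing Word files mentioned under sandboxes, here is an added example (not Votiro's or any vendor's code) that rebuilds an Office Open XML package from allow-listed parts only, so an embedded VBA project is never copied into the output. The allow-list `ALLOWED_EXT`, the function names, and the sample package are assumptions constructed for illustration; the example does not inspect the contents of the XML parts it keeps.

```python
import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET

# Assumed allow-list for this example; a real policy is far more granular.
ALLOWED_EXT = {".xml", ".rels", ".png", ".jpg", ".jpeg"}

def prune_manifest(xml_bytes):
    """Drop content-type/relationship entries that point at disallowed parts."""
    root = ET.fromstring(xml_bytes)  # production code needs a hardened XML parser
    ET.register_namespace("", root.tag[1:].partition("}")[0])
    for el in list(root):
        ref = el.get("Extension") or el.get("PartName") or el.get("Target") or ""
        ext = "." + ref if el.get("Extension") else posixpath.splitext(ref)[1]
        # External targets (hyperlinks) are left untouched in this example.
        if el.get("TargetMode") != "External" and ext.lower() not in ALLOWED_EXT:
            root.remove(el)
    return ET.tostring(root, encoding="UTF-8", xml_declaration=True)

def sanitize_ooxml(data):
    """Rebuild the package from allow-listed parts; return (clean, dropped)."""
    dropped, out = [], io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            if posixpath.splitext(name)[1].lower() not in ALLOWED_EXT:
                dropped.append(name)  # e.g. word/vbaProject.bin
                continue
            body = src.read(name)
            if name == "[Content_Types].xml" or name.endswith(".rels"):
                body = prune_manifest(body)
            dst.writestr(name, body)
    return out.getvalue(), dropped

def build_sample():
    """Constructed macro-enabled package (not a real document)."""
    ns = "http://schemas.openxmlformats.org/package/2006/"
    ct = (f'<Types xmlns="{ns}content-types">'
          '<Default Extension="xml" ContentType="application/xml"/><Default '
          'Extension="bin" ContentType="application/vnd.ms-office.vbaProject"/></Types>')
    rels = (f'<Relationships xmlns="{ns}relationships"><Relationship Id="rId1" '
            'Type="urn:example:vba" Target="vbaProject.bin"/></Relationships>')
    parts = {"[Content_Types].xml": ct, "word/document.xml": "<doc/>",
             "word/_rels/document.xml.rels": rels, "word/vbaProject.bin": b"\x00"}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()
```

Calling `sanitize_ooxml(build_sample())` returns the rebuilt package together with the list of parts that were left out, which is worth logging so dropped content can be reviewed.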

Staying Safe with Votiro

When an organization implements Votiro’s Secure File Gateway (SFG), highly paid hackers have to work a lot harder for their money — which means that they will probably seek their fortune on some other organization’s servers. Powered by our Positive Selection technology, our SFG utilizes file sanitization to ensure only the safest elements of a file enter your organization. With Votiro, you won’t ever have to worry about falling victim to a hacker company ever again. And the next board meeting of Bad Guy Hackers Inc. is probably not going to be a pleasant one.

If you’re interested in learning more about what Votiro has to offer, schedule a demo or contact us today.