There has been a considerable rise in a cyberattack phenomenon called cyber big game hunting. With cyber big game hunting, hackers target large firms instead of smaller organizations and individuals. The reason? Attackers are aware that larger enterprise companies can afford to pay higher ransoms.
Just as hunter-gatherers drove elephants off a cliff using their coordinated hunting skills, present-day cyber attackers select, study and attack large companies using their coordinated hacking skills.
How Cyber Big Game Hunters Attack (and What This Means in Cybersecurity)
Both individuals and groups can perpetrate ransomware. However, it is usually organized criminal groups that attack large corporations. These groups may even be state-sponsored players. (State-affiliated or sponsored actors spread ransomware to further their patron country’s political, commercial or military interests.) Businesses are specifically at risk here because most insurance policies exclude coverage for state-sponsored attacks.
Unlike common phishing campaigns, where the main aim is to spread malware to the extent possible, big game hunting exploits specific vulnerabilities of a single, high-value target. Detecting such attacks requires AI-powered tools. These tools learn what’s normal for each unique user and device and use that information to detect subtle signs of unusual activity indicating potential cyberattacks.
Cyber big game hunters select and study specific targets based on a set of criteria. They then use more and more sophisticated methods to install ransomware on their victims’ systems. Typically, most big game hunters spend several months staking out your organization’s IT system before installing malware. The length of time big hunters are in your system is frightening, but it also means you have more time to discover the impending attack before any damage occurs. Usually, modern cyber criminals access networks by exploiting weaknesses in Remote Desktop Protocol (RDP) servers.
The Frequency of Big Game Hunting in Cybersecurity
As the ransom amount from these cyberattacks increases, so does their frequency. A Malwarebytes report found that businesses detected 365% more ransomware attacks in the second quarter this year than they did for the same period last year.
Another report by Coveware stated that between the first and second quarters of this year, the average ransom amount has nearly tripled from US $12,762 to US $36,295. For the best defence against big game hunting attacks, your business should have an active approach to cybersecurity instead of a reactive one. A proactive system is practical only if you know the specific cybersecurity threats that put your organization at risk.
Common targets of this type of ransomware generally include:
Any organization that is privy to intellectual property, personal data, and medical records
Since cyber big game hunters are sophisticated actors, often working as part of an organized group to take down significant targets, they are sometimes suspected to have ties to government agencies or prominent public figures.
What Can Organizations Do to Protect Themselves?
Since the direct and indirect costs of ransomware attacks have increased, large organizations need to develop a renewed approach to cybersecurity. In the process, companies should re-evaluate the techniques they use for intruder detection and incident response.
There are different ways in which businesses and organizations can safeguard themselves against such sophisticated ransomware attacks. For example, organizations increase their risk of cyberattacks because their security staff and managers do not communicate effectively. These attacks cannot be traced to a specific branch or department. Managers, for example, are frequently unprepared and untrained in cybersecurity, limiting their ability to respond to threats.
All employees need to be trained well on the kind of threats they might face and should have at least a basic understanding of how to recognize those threats. As we become more dependent on technology and cybercrime becomes more of a threat, it is critical to educate all employees and share the defence responsibility with the entire organization (not just the security teams).
Additionally, organizations need to develop and implement a robust cybersecurity policy to outline their cyber defence strategy. A strategy should include the assets and data that need to be protected, the specific threats to those assets and what security tools and processes have to be adopted to deal with these threats.
Frequently Asked Questions About Big Game Hunting
"What is the #1 cybersecurity threat today?"
Ransomware is said by many to be the #1 cybersecurity threat today, and the Packetlabs team agrees. As such, being aware of the threat that big game hunters pose is essential for strengthening your security posture before valuable data is lost.
"What are the four main types of vulnerabilities in cybersecurity, and how does this relate to game hunting?"
The four main types of vulnerabilities in IT are defined as network vulnerabilities, system vulnerabilities, process vulnerabilities, and human-caused vulnerabilities. Consistent employee training and periodic penetration testing are vital to ward off big game hunters from exposing a minimum of one of these vulnerabilities.
"What are the 5 steps of vulnerability management?"
Vulnerability management is broken down into the phases of Assessment, Prioritization, Action, Reassessment, and Improvement.
"Is cybersecurity worth investing in?"
Cybersecurity is a valuable investment. Not only does this save businesses a significant amount of money year over year, but it also helps to safeguard their reputation. By prioritizing cybersecurity, businesses of all sizes can avoid the financial and reputation-related costs associated with regulatory fines, litigation, and customer loss.
"How much does cybersecurity save organizations on average?"
By investing in consistent cybersecurity efforts, you could save your organization up to 82% of data breach-related costs. That's a significant margin!
Counting the Cost
Cybercriminals are becoming considerably more organized in their operations, and their attack methods are constantly improving. As a result, companies must consider the implications of a cyberattack: they must review what it could mean financially, as well as the damage it could cause to their business, customers’ data, and reputation.
The cost of not acting promptly can far exceed the cost of a cybersecurity evaluation.
Packetlabs offers comprehensive, affordable security services, including infrastructure penetration testing, application testing, and red team exercises. Our testing team has the required expertise and qualification, augmented by hands-on experience in live threat environments.
Organizations of any size can't avoid being the targets of big game hunting. If they're known by cybercriminals to be a potentially valuable target, then it is a high likelihood that they will be targeted. However, organizations still employ various cybersecurity measures to significantly lower the chance of these hunters succeeding in their mission. The more prosperous an organization, the more alluring it becomes to threat actors.
Concerned about what cyber big game hunters could mean for your organization's cybersecurity? Contact our team of ethical hackers today for a free, no-obligation consultation.