Dissecting the Criminal Mind: Why They Target Company Data

data breach, cybersecurity, fraud

Data is the oil of the 21st century, as you’ve likely heard. That’s because digital information acts as both a lubricant and an ignition agent for nearly every innovation transforming business, payments and commerce.

But with the news that a cyber-attack on the auction house Christie’s has resulted in the theft of collector details and artwork geolocation data, and affected an estimated 500,000 customers, understanding what criminals can construe from stolen data, as well as embracing best practices for protecting sensitive information, is top of mind for forward-thinking firms.

After all, this is the second time in less than one year that Christie’s has suffered a cyber-attack resulting in a data breach. This past August, the auction house suffered a different breach that leaked the locations of artworks held by some of the world’s wealthiest collectors.

And it’s not just Christie’s that cyber groups have been targeting in recent days. On Wednesday (May 29), the BBC revealed that a week earlier cybercriminals had raided a BBC pension database and absconded with the records of over 25,000 past and present employees.

Names, dates of birth, sexes, national insurance numbers and home addresses were included in the exposed data. 

Against the backdrop of the contemporary threat landscape, which remains ever-evolving and increasingly dangerous, it has never been more important for firms — particularly smaller, more vulnerable businesses — to protect themselves.

And the first step in establishing a proactive and productive cyber defense program requires understanding not just how fraudsters are breaching enterprise vulnerabilities, but also what they are doing with company data once they’ve obtained it. 

See alsoAttack Vectors 2024: Scaling Effective Cyber Hygiene Throughout Your Business

Data Security Will Define Business Success in the Digital Age

PYMNTS Intelligence has found that 82% of eCommerce merchants endured cyber or data breaches in the last year. Forty-seven percent of those merchants said the breaches resulted in both lost revenue and lost customers, according to “Fraud Management in Online Transactions,” a PYMNTS Intelligence and Nuvei collaboration. 

Cybercriminals target the data businesses collect on their customers for several reasons. Personal and financial information, such as credit card numbers, bank account details and Social Security numbers, can be sold on the dark web or used for identity theft and fraud. Cybercriminals can also use this data to make unauthorized transactions or take over accounts.

As with the Christie’s example, attackers may also use stolen data to extort businesses or individuals. Ransomware attacks, where data is encrypted and a ransom is demanded for its release, are a common tactic.

Detailed customer information can be used to craft convincing phishing emails or social engineering attacks, tricking individuals into revealing more sensitive information or accessing secure systems. And as a knock-on to this type of attack, cybercriminals can combine stolen data with other information to create comprehensive profiles on individuals, which can then be used for more sophisticated fraud or sold for higher prices.

“The industry in fraud is shifting to real-time learnings because the fraudsters are now real-time. In cyberspace you have something called a zero-day attack, which basically means you’re going to get attacked on day zero, and you’re going to be attacked before you even know what the solution is. Because the criminals are way ahead of you,” Shimon Steinmetz, chief financial officer at risk assessment and fraud prevention solution Vesta, told PYMNTS.

That’s why, to protect customer data in the face of evolving threats, businesses are encouraged to adopt a multi-layered security approach. 

See also: Data Security Is Top Priority as Payments Enter Zettabyte Era

Keeping Data Safe Means Keeping Growth Secure

By understanding the motivations behind cybercriminals’ actions and implementing robust security measures, businesses can better protect their customer data and maintain trust in the digital age.

Within the financial services sector, research by PYMNTS Intelligence has shown financial institutions use a range of tools to prevent fraud, with financial institutions across the board saying they rely on a mixture of in-house fraud prevention systems, third-party resources and new technologies to safeguard their institutions and customers.

It is also crucial for businesses to develop and regularly update an incident response plan to quickly and effectively address security breaches. This plan should include steps for containment, eradication, recovery and communication.

“After-action reports will help you understand what your business continuity plan was and where it failed … If you haven’t stayed up on your hygiene, that will come out in the report. That’s why running red team exercises or simulated events is so important,” Matanda Doss, executive director and lead information security manager for commercial banking at JPMorgan, told PYMNTS in December.

Because many fraudsters are ultimately after an easy target, effective data security is paramount for maintaining customer trust and ensuring business growth.

PYMNTS-MonitorEdge-May-2024