Cybercriminals blackmail and target SMEs by threatening to disclose sensitive data or paralyze services, particularly in the area of supply security.
Find out in this article the different ways in which a cybercriminal can harm an SME. 
The different methods used by hackers
Hackers trick the “target” into doing something they wouldn’t do on their own.
In most cases, this involves getting them to open an e-mail attachment, click on a link, enter personal data such as passwords, or make a payment.
One common method is called social engineering.
Hackers obtain information on the administrative, organizational or business structure in a variety of ways beforehand.
This is made possible by information published on the SME’s website or social networks, for example.
They then look for a “target”, which they confront with a tailor-made scenario.
For example, the hackers try to obtain usernames and passwords by pretending to be an employee of a software company.
Using the pretext of serious IT problems and pretending to know the company, they confuse the target until he or she divulges the desired information.
In their e-mails or phone calls, hackers sometimes also use the name of an administrative unit, such as tax authorities or energy suppliers.
Types of handling
1. Hierarchy Hackers use the organization’s hierarchical structure to push people into action.
Often using a false identity, they ask the employee to share sensitive information or make a payment on behalf of a superior. 2. Urgency Hackers make the “target” believe that he or she must act in a hurry. 3. Covetousness / curiosity Hackers promise the “target” a payoff or surprise if he or she opens the file or clicks on a link.¨ 4. Fear / anger The pirates threaten the target, in case he or she does not carry out the order.
Or they make manifestly inaccurate statements, which can be corrected by clicking on a damaging link. 5. Sympathy The subject matter strikes a chord with the “target”.
They want to join forces to solve a problem.
Variations on blackmail and theft
Criminals gain access to your SME’s network through stolen access data, malware or insecure systems.
If they find interesting data, they encrypt it or threaten to publish or delete it if you don’t pay the ransom.
Sometimes the data is copied and sold to third parties, or used for e-banking payments.
Frequent processes
1. Ransomware Malicious software is sent out in large numbers, for example by e-mail.
Victims are then spied on to gather information.
If successful, the hackers take control and begin encrypting data.
If necessary, data will also be stolen.
The blackmailers demand a ransom to decrypt the data. 2. e-banking Trojans In addition to blackmail, cybercriminals also aim to manipulate payment orders.
To this end, they use e-banking TrojansThese are programs that enable hackers to access a victim’s e-banking accounts.
They are often sent by e-mail (e.g. disguised as an invoice or job application). 3.Phishing Recipients are warned by e-mail, website, e-phone or SMS that certain access data is no longer secure or up-to-date, and invited to change it via the link provided.
However, this link leads to a fake website. If the recipients log on, they enable the hackers to obtain access data, e.g. credit card or e-mail passwords or another account 4. DDoS (Distributed Denial of Service)DDoS stands for Distributed Denial of Services.
In the event of such an attack, services such as the website, e-mail or digital telephone system are flooded with requests.
The system then breaks down, and the administration or service provider can no longer perform its tasks.
A ransom has to be paid to stop the attack.
Hackers sometimes use DDoS attacks to divert attention from the real “digital strike”, using previously stolen access data. 5. Remote access As the name suggests, remote access enables access to a computer or network from the outside, e.g. for teleworking or remote maintenance by IT support.
Hackers also use this remote access to gain access to the SME’s or service provider’s networks, for example through phishing attempts, password attacks or attacks on unsecured or obsolete network components.
If you would like us to support you in this process, please do not hesitate to contact us .
