On rare occasions, news outlets do cover the theft of intellectual property and data bases of a multi-million dollar business or the theft of secret documents of a foreign government. On truly rare occasions news cover the very same scenario but with a twist; the victim was actually a medium sized business or even a newly started company which has lost its latest development.
In this article we are going to cover a piece of information that is rarely covered outside specific publications: Cyber-attacks, the goals, targets and weaknesses.
First, I would like to demystify what might seem to the public common knowledge and state that no business, no matter its size, is exempt from an attack or even a complex attack. Small businesses are often called soft targets for a reason; they are easy to hack into and there are plenty of them to go around. Have in mind, that the tools that can hack into a large business can definitively be used on a smaller or even kickstarted company, unlike flesh and bone criminals, cyber-criminals have no problem using the equivalent of a tank to ransack the equivalent of a 7 / 11 (Quick for our readers in Europe).
I must repeat this information, because there is this terrible misunderstanding that small businesses are somehow immune to hacking, they are not, they are just easier targets for terrible (I do mean terrible, as in utterly talent-less) criminals, wanna-be hackers, and script-kiddies of all ages.
With that in mind, let's jump into the goals of an attack.
This is now a rather simply question, in the age of unbounded communication people depend on technology to run their daily life, people store sensitive information on desktops, or worse, mobile units (Smartphones, tablets, etc...) that are overly communicated. If a person can fit his or her entire life in a computer that is most of the time connected to the internet, what could a company store in an entire complex? The answer: Well....Everything.
When people hear about the word "Database" one could picture an image of a spreadsheet with a bunch of data on it, the truth is that a database can be many, many things. A database can be: an accounting record, medical records, patient history, list of recipes and formulas for all sorts of industries, clients, source code, list of employees, and many other sorts of sensible data that need to be stored orderly in a computer. You can see why this is kind of important for many industries, and it gets worse for Start Ups.
Start ups base their entire business model on a revolutionary idea, or an independent development. Whether we talk about a technological breakthrough, a cloud service, art, or a hip new app: All of these are called "Intellectual Property" or "IP", and they are very valuable. The theft of patented developments or information yet to be patented is the biggest, worst, and most profitable form of an attack, and it is much more common than you think, and it goes largely unreported.
E-Stores tell yet another terrible story, this decade has seen a relentless rise on attacks to E-Stores. The goal here is more complex than one might think, one can link E-Store vandalism to Credit Card fraud almost immediately, but there are other forms of attacks. E-stores can be vandalized and serve as host to malware distribution, shady web communication through code injection that the