An average hacker earns less than $30,000 a year from malicious activities, which is a quarter of a cybersecurity professional’s average wage, a recent survey shows.
Some 72 percent of hackers say they won’t waste time on an attack that will not quickly yield high-value information, while 73 percent stated attackers hunt for easy and “cheap” targets.
An increase of 40 hours in the time required to conduct successful cyberattacks can discourage as much as 60 percent of attacks. On average, a technically proficient attacker will quit an attack and move to another target after spending approximately a week (209 hours) without success, the survey reveals.
It takes 147 hours for a technically proficient cyberattacker to plan and execute an attack against an organization with an “excellent” IT security infrastructure versus 70 hours for “typical” security, respondents say.
Almost three-quarters (72 percent) of respondents believe attackers will stop trying when an organization presents a strong defense.
“By adopting next-generation security technologies and a breach prevention philosophy organizations can lower the return on investment an adversary can expect from a cyberattack by such a degree that they abandon the attack before it’s completed,” said Larry Ponemon, chairman and founder at Ponemon Institute.
The survey queried 304 participants in Germany, the United Kingdom and the United States. 79 percent of respondents described themselves as involved with the attacker community.