The world of cybercrime has evolved from “hacktivists,” groups of hackers who break into systems to make a political point, to criminal gangs scattered around the globe who successfully breach networks, usually really big companies, because that’s where the profits are.

“They operate it like a business. At the end of the day, it’s cash,” said Chris Novak (pictured), global director of the Verizon Threat Research Advisory Center at Verizon Enterprise Solutions, who described a sophisticated structure that tracks malware performance and rewards programmers for especially lucrative results.

Novak visited theCUBE, SiliconANGLE’s mobile livestreaming studio, and spoke with co-hosts John Furrier (@furrier) and Dave Vellante (@dvellante) during the CyberConnect 2017 event in New York City. They discussed Verizon’s breach report, the involvement of organized crime in the cyberworld, and nation-state hacking. (* Disclosure below.)

Verizon has been issuing a “Data Breach Investigations Report” since 2009. The latest edition documents a rise in insider threats and continued ransomware attacks that are beginning to take a toll on small and medium-sized businesses.

Make a point or make millions

Verizon’s research shows that the vast majority of current attacks are financially motivated. It’s generally a simple choice in the hacker community. “The hacktivists realize ‘I can do this and make a point, but a point doesn’t necessarily make me money,’ or ‘I can do this for an organized crime group and make millions of dollars,’”  Novak explained.

Although financial gain remains a strong factor, nation state hacking continues to rise. In breaches by nations, valuable data is often the goal, as seen in the theft of more than 20 million sensitive records from the Office of Personnel Management more than two years ago. The Chinese government is generally believed to be responsible.

“You’re starting to see more attribution to government-related attacks,” Novak said. “It keeps getting harder, and the threat actors keep getting better.”

Is there a solution? “There’s not really a simple answer,” said Novak, who made a plea for more cybersecurity awareness and proactive threat hunting. “It’s like saying how do we stop crime? We don’t.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the CyberConnect 2017 event. (* Disclosure: TheCUBE is a paid media partner for the CyberConnect 2017 conference. Neither Centrify Corp., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE