Weaponising the threat: The changing face of cybercrime

IOL News

16-07-2025

Companies and high-profile individuals are using cyber-attacks as a way of discrediting and disrupting their competitors.
Image: Supplied
Cyberthreats have been weaponized for years. Companies use hackers to infiltrate competitors and steal data or ruin their reputation. Fake news and false information disseminated to erode customer trust. Online smear campaigns designed to give one company or high-profile person an edge over another. These cases aren't as rare as they sound, and they are evolving – the hacks themselves are being used to discredit and disrupt.
False accusations, witch hunts, distractions – these are some of the core approaches that can be used to damage a competitor or a high-profile person. It doesn't matter whether or not the company taking credit actually perpetuated the attack. Their goal is to cast a shadow, to create deeper disruption and it often works.
False accusations are perhaps one of the most insidious.
A company blames someone for a successful attack, creating a witch hunt which has media and investigators digging into their business and activities. One of the most well-known cases of such an attack was when the hacking group Anonymous accused a Canadian man of attacking Amanda Todd online. After a lengthy investigation, the man was cleared but not after the incident had caused significant damage to his life and reputation.
On the corporate side, ExxonMobil was accused of commissioning hackers to target climate activists – claims that lacked definitive proof.
But what about hacks used as a form of misdirection in a move that's as old as the Colosseum? There are several notable examples of how hacking accusations were used to misdirect others and distract from other activities.
Video Player is loading.
Play Video
Play
Unmute
Current Time
0:00
/
Duration
-:-
Loaded :
0%
Stream Type LIVE
Seek to live, currently behind live
LIVE
Remaining Time
-
0:00
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
Text Color White Black Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Transparent Semi-Transparent Opaque
Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps
Reset
restore all settings to the default values Done
Close Modal Dialog
End of dialog window.
Advertisement
Video Player is loading.
Play Video
Play
Unmute
Current Time
0:00
/
Duration
-:-
Loaded :
0%
Stream Type LIVE
Seek to live, currently behind live
LIVE
Remaining Time
-
0:00
This is a modal window.
Beginning of dialog window. Escape will cancel and close the window.
Text Color White Black Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan
Transparency Transparent Semi-Transparent Opaque
Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps
Reset
restore all settings to the default values Done
Close Modal Dialog
End of dialog window.
Next
Stay
Close ✕
The Sony breach false claim in 2023 is a case in point. A ransomware group claimed to have hacked the company and stolen information which had a serious impact on Sony's reputation. While Sony did prove the claims were false, the damage was done. Epic Games experienced a similar attack in 2024 when a Russian hacking group made the same claim. Epic rapidly proved them wrong, but the hacking group got what it wanted – credibility among its peers.
These acts of misdirection and fake claims always have a motive. Money, notoriety, reputational damage or gain, manipulating markets and bringing down a competitor. While the hack has the headlines, people are too busy watching to notice what is actually happening in the background. It's a similar tactic used by cybersecurity companies.
There are tools that allow security teams to misdirect attacks. These dummies keep the threats away from the primary systems, distracting them while teams orchestrate a defence.
Then there's the other element to these attacks. Companies use them to get information from their competitors so they can gain a market advantage. The Industrial Spy marketplace is exactly what it says on the tin, for example, a marketplace that sells stolen trade secrets to companies willing to pay.
Their packages can cost in the millions. KnowBe4, a security training awareness company, discovered that its new employee was, in fact, an operative pretending to be a software engineer.
The moment they received their Mac workbook, they started to plant malware in the company. While this example isn't quite in the same lane as corporate espionage, it was a crime committed by a state operative from North Korea with the goal of infiltrating and tearing down a US company.
What makes these attacks increasingly vicious is how they're being twisted to fit new motives or to protect companies from being indicted. Companies are employing dirty tactics to stay ahead of the game and divert suspicion.
Like, getting the hackers to attack them as well as their competitor so they can claim they had nothing to do with it.
Then potentially turning accusations around back on their competitors to suggest they were responsible in the first place. One hand is waving so the other hand can't see what's happening, and the permutations are only growing more convoluted and sophisticated.
Organisations need to pay attention to these threats, recognising that they are introducing complex new ways of affecting business and reputations.
Defending against them needs accurate records, superb security support and visibility into the entire business ecosystem.
Richard Frost, Head of Technology and Innovation at Armata Cyber Security.
Richard Frost, Head of Technology and Innovation at Armata Cyber Security.
Image: Supplied.
BUSINESS REPORT