- steal financial information (credit cards, bank account #s, etc.) and/or PII (SSN, DLN, DoB, names, etc.)
- steal usernames/passwords then use those to attack further
- install malware that captures keystrokes, screen captures, etc.
- install backdoors and/or botnet software on victim’s machines so they can attack other computers around the world
- exfiltrate private and sensitive data, emails, etc.
- modify data, emails etc. residing on the hacked network
- capture network traffic
- and so much more
Not only can the technical damage be detrimental to an organization, but a damaged reputation and the expenditures to fix the damage after an attack can also be catastrophic.