Hacking: How to Protect Yourself and Your Company
As we move from the Internet of Things to the Internet of Everything, the nature of hacking is changing.
There was a time, call it the early 90s, when hackers seemed like a group of mischievous teens bent on wreaking informationally-based havoc from darkened bedrooms. It was ragtag rebellion. The next generation versus the system that sought to keep them down.
Today, that equation could be flipping. Many modern hackers resemble the system they used to fight, a system that can now attack the individual instead of the other way round.
Even the term “hacker” seems like a misnomer. It’s singular, but the last really big hack pinned on a single person was all the way back in 2005 when Alberto Gonzalez, known as soupnazi, hacked TJ Maxx to steal the credit information of 94 million accounts. He eventually got 20 years in prison for data thefts totaling more than 170 million accounts.
(Technically, even soupnazi had co-conspirators, but he got the lion’s share of the fame and the blame.)
More often, today’s hackers are gangs, networks, and/or organizations—complex, structured, resourced, and powerful on a global scale. Their efforts sound more like the coordinated initiatives of crime syndicates than individual pranks. For example, the North Korean hacking organization Lazarus, previously known for its 2014 hack of Sony Pictures, was recently discovered to have stolen upwards of $570 million in cryptocurrency over the course of a year.
That’s a far cry from the antics of a lone prankster.
One of the most important lines of defense against hacking systems is the individual, because individuals are used as gateways into bigger targets—organizations like companies, banks, etc.
With that in mind, here are four widespread hacking methods and how you and your team can protect yourselves.
Phishing & Spearphishing
Phishing is an email that pretends to come from a reputable source; spearphishing is one that pretends to come from a specific person you know and trust. Either gives you an urgent or compelling reason to click on a link or attachment, which downloads malware or captures login credentials.
Successful phishing attempts give the hacker access to the user’s information, computer, and any network they’re connected to for any purpose they want.
Phishing is still one of the most successful techniques for gaining access to a company. That $571 million in cryptocurrency stolen by Lazarus? Made possible in part by this simple technique.
What to do?
Work with your IT teams to send preventative emails to employees and educate employees on the risks and security methods.
Employees need to be made aware of and follow basic personal security precautions – don’t open email from suspicious sources, use virus detection tools (and make sure they’re updated), and double check before clicking anything. Even sophisticated spearphishing techniques can look obvious when you take a step back.
The Trojan Horse
Like the famed wooden horse that hid Greek soldiers and brought down the city of Troy, modern Trojan Horse programs hide malware in something that’s seemingly innocuous. It could be delivered through phishing/spearphishing and, once on a user’s machine, can grant unlimited backdoor access to hackers.
The hacking group Lazarus has been found to have created a fake cybercurrency trading program that gave them access to users’ machines.
What to do?
As with spearphishing, follow basic personal security precautions. Educate company-wide. Teach everyone to think before they click and only download what’s been scanned or verified as legitimate.
IT teams can run perennial network-wide scans to detect illegal or unusual activity and identify Trojan Horse software.
DoS—Denial of Service Attack
With the aim of crippling a targeted site or network rather than stealing, hackers flood the site with traffic from bots and trojanized machines (Distributed Denial of Service, or DDoS) to overload the site and crash its server, taking it down.
The biggest DDoS attack ever recorded took place in spring of 2018 – in the world of hacking, records will always continue to be broken – as the developer platform GitHub was briefly overwhelmed by 1.35 terabits of data per second. Outages immediately crippled sites across the United States as GitHub struggled under the attack. Within ten minutes, GitHub’s DDoS mitigation service kicked in, routing all traffic through scrubbing centers to block malicious packets. After eight minutes, the attack stopped.
What to do?
DDoS attacks typically target larger organizations or core competencies of connected networks. If yours is a potential target, exploring a DDoS detection and mitigation system could be worthwhile.
If, on the other hand, your organization isn’t currently angering the hacking collective Anonymous or China—implicated in earlier GitHub attacks—you might be ok.
Waterholing & Fake WAP
Waterholes in the Serengeti are where all prey animals have to go to get their water, so they’re common hunting grounds for predators. Public WiFi networks are like humankind’s waterholes where the predators are hackers.
Coffee shops, hotel lobbies, airports, and even full municipalities offer free WiFi as a convenience. And it’s incredibly simple for hackers to set up a fake Wireless Access Point (WAP) and use it to redirect unwitting visitors to sites that steal their data or login credentials, or that download malware.
While implications for individuals might be obvious, it’s important to note the danger to corporate systems too, as infected machines can expose entire company networks to risk.
What to do?
As with previous examples, educate team members. Arm them with information and maybe a bit of paranoia. Trust no public network. Encourage the use of a VPN when connecting over any public WiFi.
Users should watch for a few things. Most public WiFi networks now use captive portals, with no password required to join, but most reputable networks will require you to agree to terms of service before joining. If they don’t, think twice. Another warning sign might be an extremely slow connection, which could indicate a lot of redirecting is going on.
Hacking may seem like something that only happens to big companies like Facebook or GitHub, but most IT professionals will tell you that hacking attempts happen far more often than you probably realize. A single compromised computer on your company’s network can infect all of them, and cleaning up that mess can be costly in terms of both time and money.
Take security seriously and insist that everybody else in your company with a computer do the same. Taking basic precautions and including security training in your onboarding are far easier than dealing with infected computers and/or compromised applications. Even if you’re never targeted by hackers, you don’t lose anything by being smart and safe.