by Scott Lewis
Part 1 of 3
Hacking. It has become a part of daily life in our connected world. For individuals and corporations, it has become a major part of our computing life, from our laptops to smart phones and tablets. We are now a society that is constantly connected and online, which can translate to higher threat levels, and with every countermeasure we take we become more susceptible to new threats and to becoming a victim of hacking.
Have you ever really thought about computer hacking and the people who do it? I have known many hackers throughout my 35-year career in the technology business - ones that play on the good side, some who make a very good living on the bad side and, of course, others who play both sides. Have you ever really asked the question: What do they get out of it? They are obviously smart people, they can write solid programs with a purpose and a specific result, but why? What are they looking for? What do they get out of it? What happens to the data they steal, and, if you are like me and my customers, how do you protect yourself? These are all questions that we will discuss and try to answer throughout this article.
When you think about how it’s done, to most people’s surprise it really isn’t that hard. We always think that it is some big bad dude sitting in a dark room on a computer with neon lights and glowing posters on the wall. Although in some cases that may be true, in most cases hacking is done through simple social engineering and human interactions. When simply asked for information in a polite and interactive manner, people will generally provide the answers you need. From a corporate perspective that thought is very scary, but it is true.
The plain and simple proof is how often you really change passwords, or better yet how often the CEO changes his or her password. That becomes an issue when the CEO has problems, someone needs to work on their computer, his or her assistant has the password and then gives it to someone else and then to someone else and before long that password really isn’t a secret any longer. Or, someone from IT calls and asks for your password, you provide it, and now that password is no longer a secret. IT should never need to ask you for your password because they can change it. However, if you do give it to them, insist that you change it when they are done.
Going back to how it is done, step one is social engineering and establishing user trust. Then you have more traditional methods such as Trojan horse programs. A Trojan horse is just what the name implies: a picture, document, PDF or other creatively disguised program that, once opened, or in some cases just on a mouse-over, executes a program or a virus. Once executed, it will then install other programs that could open backdoors into your system. In a predominantly Windows world there are some common programs used to access computers, programs such as Back Orifice, NetBus and SubSeven, that allow for remote connections to computers and can be utilized to download or upload data to and from a computer. Denial of service attacks, though in today’s world more of a nuisance than anything else, are still out there and can cause disruptions to normal business activity, either by taking down web-based services or applications or by simply slowing networks down to the point that they become completely unproductive.
A big weakness in most networks, and one that is often overlooked, is unprotected network shares. First off, what is a network share? A network share is primarily a network drive that is accessible to multiple users across a local area network or wide area network. However, as other network resources become smarter, devices such as connected copiers, VoIP voicemail systems or the phone system itself, which sit on the network and are accessed across it, can also utilize network shares. Network shares can be exploited by intruders in an automated way; this is a very common manner by which Ransomware and CryptoLocker viruses are spread across internal and external networks. This becomes a security issue because network-to-network or site-to-site security, especially on the Internet, is interdependent from one computer to another. A compromised computer can cause problems across the entire interdependency of computers on the Internet or network, and this interdependency is what makes Ransomware and Crypto viruses so devastating, but more on these later.
Another common data mining process that hackers will use to watch your network and probe for vulnerabilities on the Internet is called packet sniffing or scanning. Now that mobile devices have become so popular and their numbers are increasing exponentially, wireless packet sniffing and scanning are becoming more commonplace. Packet sniffing can actually capture the individual packets in which data is transmitted across networks or through wireless activity. Contained within those packets could be data such as usernames, passwords, and any proprietary data that travels in plain text. Due to the ease of setting up and utilizing a packet sniffer on the Internet, this could potentially put thousands of usernames and passwords at risk simply due to human error. Human error? Yes. Ever accidentally entered your password in the username field? A simple mistake like that can expose you to being captured by a packet sniffer.
There are many other methods that hackers can utilize to gain access to your network or computer; the methods we have talked about are just the tip of the iceberg. However, most are dependent on a couple of factors, which could include human error, human trust, or programming errors that expose weaknesses in SQL databases, stolen credentials, DNS hijacking, misconfiguration of network devices or computers, or unintentional information disclosure. There is not a single weakness that creates hacking opportunities, which also means there is no silver bullet for stopping it. Hacking typically requires a combination of a lot of things that have to come together in order to provide a hacking opportunity, which is why network, workstation and Internet security is an ongoing, never-ending process to manage the threat, mitigate the threat, and react to a threat once it is discovered.
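To make the plain-text point concrete from the defender's side, the following added example (not part of the original article) audits a captured, unencrypted HTTP request and reports where login data would be readable on the wire, without ever returning the values themselves. The field-name list, the finding labels and the sample request are constructed for illustration.

```python
import base64
import binascii
from urllib.parse import parse_qsl

# Field names treated as login data (an assumption; extend for your own applications).
SENSITIVE_FIELDS = {"user", "username", "login", "pass", "passwd", "password", "pwd"}

def _sensitive(encoded: str, where: str) -> list[str]:
    """Name the sensitive keys in a URL-encoded string; values are discarded."""
    return [f"{where}:{key}" for key, _ in parse_qsl(encoded, keep_blank_values=True)
            if key.lower() in SENSITIVE_FIELDS]

def audit_cleartext_request(raw: bytes) -> list[str]:
    """List the places where one plain-text HTTP request exposes login data."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    findings = []
    # HTTP Basic authentication is only base64-encoded, not encrypted.
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic":
        try:
            base64.b64decode(token.strip(), validate=True)
            findings.append("header:authorization-basic")
        except (binascii.Error, ValueError):
            pass  # malformed token, nothing decodable to report
    # Login data placed in the URL is also visible in the request line.
    parts = lines[0].split(" ")
    if len(parts) >= 2:
        findings += _sensitive(parts[1].partition("?")[2], "query")
    # Login forms submitted over plain HTTP carry the fields in the body.
    ctype = headers.get("content-type", "").lower()
    if ctype.startswith("application/x-www-form-urlencoded"):
        findings += _sensitive(body.decode("latin-1"), "body")
    return findings

# Constructed sample request; "YWxpY2U6c2FtcGxlLXB3" is base64 of "alice:sample-pw".
SAMPLE = (b"POST /login?user=alice HTTP/1.1\r\nHost: intranet.example\r\n"
          b"Authorization: Basic YWxpY2U6c2FtcGxlLXB3\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          b"username=alice&password=sample-pw&remember=1")
```

Any finding means the service should be moved behind TLS, since every item reported is readable by anyone positioned to capture the traffic.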
Scott Lewis is the President and CEO of Winning Technologies Group of Companies. Scott has more than 30 years of experience in the technology industry and is a nationally recognized speaker and author on technology subjects. Scott has worked with large and small businesses to empower them to use technology to improve work processes, increase productivity, and reduce costs. Scott has designed thousands of systems for large, medium and small companies, and Winning Technologies' goal is to work with companies on the selection, implementation, management and support of technology resources. Learn more about Winning Technologies at www.winningtech.com or call 877-379-8279.
Submitted 6 years 67 days ago