In the past, we’ve often stereotyped hackers as isolated computer geniuses, tucked away in a dark closet or garage, busily keystroking their way to cyber-chaos. While that may have been the case at one time, those days are gone. Today, hackers are sophisticated global criminals using sophisticated means to steal data, compromise networks, and cripple businesses and organizations.
Before getting into a brief discussion of seven of the more common ways they break into networks – and be assured, the list doesn’t stop at seven – let’s start at what is more or less the jumping-off point for a lot of attacks: Malware.
As most anyone familiar with IT knows, malware is the umbrella term for malicious software such as viruses, worms, spyware, and ransomware that hackers use to secretly access your computer and, ultimately, your network. It can be delivered directly by emails, attachments, or fake links, or by corrupting servers to allow the uploading of malicious code to users who visit a website.
But regardless of the delivery mechanism, malware is a threat that cannot be ignored: In 2015, more than 430 million pieces of malware were discovered, an increase of 36 percent from the previous year.
With that as a rather somber introduction, here are seven ways that hackers are trying to damage your business:
Phishing. This is one of the most common forms of intrusion. Simply stated, it occurs when a cyber-criminal tries to steal critical data by posing as a legitimate person or entity. Victims get a communication – typically an email or text message – that contains an attachment or link that looks real; it could appear to be from your bank, your Internet provider, or some widely known business. When the user clicks on the attachment or link, they’re taken to a website that’s been created to deceive them into giving up sensitive information such as passwords or credit card and/or Social Security numbers. It’s been estimated that 30 percent of phishing messages are opened, and 12 percent of those who are being attacked click on the malicious attachment. At that point, 80 percent of hackers break into systems in a matter of minutes. Example: In 2014, Home Depot was attacked, and the personal and credit card data of 100 million customers was stolen and put online for sale.
Spear phishing. A variation of phishing, this occurs when the target gets an email from an individual he or she thinks they know. Trust is the key tactic; the attacker may call you by your first name or refer to someone or something that is familiar. As is the case with phishing, the email contains a link or attachment that, when clicked, infects the computer with malware that gives cyber-criminals a doorway into your network. Example: In a 2014 attack on Target, hackers compromised 40 million credit cards and 70 million other records. It has been estimated that the hackers sold between 1 million and 3 million of the credit cards, making $54 million.
Password cracking. We all sometimes use passwords that are easily remembered – a pet’s name, for example, or the last four digits of your Social Security number or your date of birth. That makes the hacker’s job pretty easy; they just track down your personal information (which is easy to do online), and start trying to find a password that works. They can also often run every possible combination of letters and characters through a high-speed computer – a technique known as a brute force attack – and attack the system until one hits. Or if they’re not feeling very industrious, they can just buy a list, often for $1,000 or less. Example: In 2011, a security breach at the North American Treaty Organization resulted in the public release of names, user names, and passwords for 11,000 registered users of the NATO bookstore.
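A defender-side check for the weaknesses described above, as an added example that is not part of the original post: it rejects a new password that contains the user's known personal details and estimates the worst-case brute-force search space for anything else. The profile values, function names and the 1e14 guess threshold are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum verdict { PW_OK, PW_PERSONAL_INFO, PW_SMALL_SEARCH_SPACE };
/* Case-insensitive substring test: 1 if needle occurs anywhere in hay. */
static int contains_ci(const char *hay, const char *needle) {
    size_t n = strlen(needle);
    for (; n && *hay; hay++) {
        size_t i = 0;
        while (i < n && hay[i] &&
               tolower((unsigned char)hay[i]) == tolower((unsigned char)needle[i]))
            i++;
        if (i == n) return 1;
    }
    return 0;
}

/* Worst-case brute-force guesses: (characters in the classes used) ^ length. */
static double search_space(const char *pw) {
    int lower = 0, upper = 0, digit = 0, other = 0;
    double total = 1.0;
    for (const char *p = pw; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (islower(c)) lower = 26;
        else if (isupper(c)) upper = 26;
        else if (isdigit(c)) digit = 10;
        else other = 33; /* ASCII punctuation and space */
    }
    for (const char *p = pw; *p; p++) total *= lower + upper + digit + other;
    return *pw ? total : 0.0;
}

/* Reject passwords built from known personal data or too quick to enumerate. */
static enum verdict check_password(const char *pw, const char *const *personal,
                                   size_t count, double min_guesses) {
    for (size_t i = 0; i < count; i++)
        if (contains_ci(pw, personal[i])) return PW_PERSONAL_INFO;
    return search_space(pw) < min_guesses ? PW_SMALL_SEARCH_SPACE : PW_OK;
}

int main(void) {
    /* Constructed profile: pet's name, last four SSN digits, date of birth. */
    const char *const personal[] = { "biscuit", "4821", "03071984" };
    const char *const tries[] = { "Biscuit2024!", "7391", "correct horse battery" };
    for (size_t i = 0; i < 3; i++)
        printf("%-22s -> %d\n", tries[i], check_password(tries[i], personal, 3, 1e14));
    return 0;
}
```

A four-digit value such as the last four digits of a Social Security number has a search space of only 10,000 guesses, which is why it fails the second check even when it is not the user's own number.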
Buffer overflow. In this form of intrusion, a hacker pushes more information into a buffer – which is a temporary storage area on the computer – than it can handle. When that occurs, the excess data spills into an adjacent buffer, either overwriting or corrupting the information that is already there. Hackers can also place code in the overflowing data that instructs the computer to damage or delete existing files or reveal private information. Examples: Microsoft’s Xbox, Sony’s PlayStation 2, and Nintendo’s Wii have all been victims of buffer overflow.
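The overwrite described above, as an added example that is not part of the original post: two neighbouring fields are modelled inside one array so the unchecked copy can be run safely, next to the length-checked version that stops it. The layout, field names and input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: two neighbouring 8-byte fields inside one 16-byte array,
   so running past the first field is well-defined C and safe to execute. */
enum { NAME_OFF = 0, NAME_LEN = 8, ROLE_OFF = 8, MEM_LEN = 16 };

static void mem_init(unsigned char *mem) {
    memset(mem, 0, MEM_LEN);
    memcpy(mem + ROLE_OFF, "user", 5);
}

/* Vulnerable: trusts the caller's length and never compares it to NAME_LEN. */
static void set_name_unchecked(unsigned char *mem, const char *src, size_t n) {
    memcpy(mem + NAME_OFF, src, n);
}

/* Hardened: refuses input that does not fit and leaves memory untouched. */
static int set_name_checked(unsigned char *mem, const char *src, size_t n) {
    if (n > NAME_LEN)
        return -1;
    memcpy(mem + NAME_OFF, src, n);
    return 0;
}

/* 1 if the neighbouring role field still holds its original value. */
static int role_intact(const unsigned char *mem) {
    return memcmp(mem + ROLE_OFF, "user", 5) == 0;
}

int main(void) {
    unsigned char mem[MEM_LEN];
    const char input[] = "AAAAAAAAadmin"; /* constructed: 14 bytes with NUL */
    int rc;

    mem_init(mem);
    set_name_unchecked(mem, input, sizeof input);
    printf("unchecked: role=\"%s\" intact=%d\n", (char *)(mem + ROLE_OFF), role_intact(mem));

    mem_init(mem);
    rc = set_name_checked(mem, input, sizeof input);
    printf("checked:   rc=%d role=\"%s\" intact=%d\n", rc, (char *)(mem + ROLE_OFF), role_intact(mem));
    return 0;
}
```

In a real program the two fields would be separate variables and the unchecked copy would be undefined behaviour; the fix is the same, a length comparison before the copy.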
Denial-of-service (DoS) attack. In the most common form of DoS attack, a hacker will flood a network with data, placing impossible demands on the system. As a result, computers cannot be used for their intended purposes (getting emails, accessing websites, etc.) and the system can crash. Although this is not generally a data breach incident, it can cripple the productivity, profitability, and efficiency of any business. Examples: Twitter was hit by a DoS attack in 2009, and in 2012, Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank, and PNC Bank were all victims of what was at the time the largest DoS intrusion ever.
Advanced Persistent Threats. This is an invasion in which hackers break into a network, often through spear phishing, and initially “lie low” to avoid discovery. Once they’re in, they assess the system’s security capabilities and then develop a plan to beat those defenses. This enables them to remain in the system for an extended period of time, stealing data at will and using that information for other criminal purposes. Example: In 2015, the U.S. Office of Personnel Management was the target of a security breach – likely by Chinese hackers – that exposed 21.5 million records. The breach had begun more than a year earlier.
Downloading “free” software. We’ve all heard the adage, You can’t get something for nothing. That’s especially true when it comes to cyber-security. Malware is often disguised as free software that looks real and is offered on seemingly legit websites – but when downloaded, it infects the computer. Example: Ironically, one of the more common examples is fake anti-virus software that users are tricked into believing will protect them.
If this can happen to Fortune 500 companies, global military alliances, and federal government agencies – with their multimillion-dollar security budgets – it can happen to small and medium-sized businesses. And while firewalls and real anti-virus programs are a start, that’s all they are – a start.
To sidetrack hackers, you need to fight sophistication with sophistication, and that means using services and software that have a superior “catch rate,” an expansive “threat cloud” that can capture new viruses, and the ability to detect and extract malware instantly.
But there’s also something else every enterprise should do, and it’s as effective as it is cost-effective – and can save you a lot of time, money, and headaches. More on that in our next post.
ABOUT THE AUTHOR
Mark Elliott is a Best-Selling Author and CEO. His company, 3i International, helps you apply technology to improve performance and compliance. For over 25 years, Mark has been helping startups to Fortune 500 companies overcome the technology challenges they face. He develops strategies to analyze, manage, and adapt to the ever-changing technology landscape. A central focus has been security and compliance. His experience includes preventing, detecting, and responding to hackers and threats. This keeps your organization safe from invasions while simultaneously meeting regulatory compliance.