Consciously protect your company from data breaches
by Scott Lewis
December 6, 2016

Hacking has become a part of daily life in the current, connected world. We are all part of a connected, online society, which can translate to higher threat levels. And with every countermeasure we take, we become more susceptible to new threats and the possibility of becoming a victim of hacking. Hacking isn’t that difficult. In most cases, hacking is executed by way of simple social engineering and human interactions. Simply asking for information in a polite and interactive manner will generally lead people to provide hackers with the answers they need. From a corporate perspective, freeing company information is a scary thought. How often do you change passwords? How often does the CEO change his or her password? For hackers, the first step in gaining information involves social engineering and established user trust. In a predominantly Windows world, there are some common programs used to access computers, such as Back Orifice, NetBus and SubSeven, which establish remote connections that can be used to download data from or upload data to a computer. Denial-of-service attacks are more of a nuisance than anything else today, but they still exist and can disrupt normal business activity, either by taking down web-based services and applications or by slowing down networks to the point that work becomes completely unproductive.

Network Shares

A large area of weakness in most networks is an unprotected network share. A network share is primarily a network drive that is accessible to multiple users across a local area network or wide area network. Network shares can be exploited by intruders in an automated way. This is a common manner by which ransomware and CryptoLocker viruses are spread across internal and external networks. This becomes a security issue because network-to-network or site-to-site security, especially on the internet, is interdependent. A compromised computer can cause problems across the entire network.

Packet Sniffers

Another common data mining process that hackers will use to watch your network and probe for vulnerabilities is called packet sniffing or scanning. However, now that mobile devices have become so popular, wireless packet sniffing and scanning is becoming increasingly commonplace. Packet sniffing can actually capture the individual packets in which data is transmitted across networks or through wireless activity. Contained within those packets could be any data that travels in plain text. Due to the ease of setup and utilization, a packet sniffer could potentially put thousands of usernames and passwords at risk, simply due to human error. Have you ever accidentally entered your password in the username field? A simple mistake like that can expose you to being captured by a packet sniffer.

Most people think that if a system is hacked, bells and alarms will go off, lights will flash or the system will start doing crazy things. Some of those things may happen. However, good hackers will be very difficult to track and detect because they don’t want you to know they were on your system. A perfect scenario from a hacker’s perspective is that the longer you go without realizing that your data has been stolen, the more it is worth to potential buyers on the data black market.

Reputation Hacking & Identity Theft

Reputation hacking is when someone hacks your Facebook, LinkedIn or other social media accounts. Social media sites contain a volume of data about you. Many of us use parts of this data to create passwords and usernames. Once they gain access to that data, what will they go after next? First, they will gain access to your computer or your local area network. The goals may be different depending on whether they are targeting you personally or the company you work for. Corporate networks tend to be harder to get to. However, the process of information gathering may be similar. Statistically, your password is going to be a combination of personal information that you can remember, such as information gathered from your Facebook page. Now, of course the golden prize is credit card information, banking information, website logins, mutual funds and 401K accounts. But there are many other prizes out there that feed into identity theft, all complete with your name. Right now, the biggest thing hackers are going after is identity theft. In a recent study by the FBI, 54 percent of incidents are based around identity theft. Financial access makes up 17 percent, account access is about 11 percent and corporate data is about 8 percent. In the corporate world, the biggest threat to your company data is your employees. However, 55 percent of identity theft is conducted by an external threat.

Company Concerns

Not all hackers are after your data, or you and your business may not be the actual target. The one thing that companies have that most hackers are not going to have is very high computing power. Again, good hackers do not want you to know that your system has been hacked. They may want to come back and use your servers to launch attacks on other businesses, which may have been the original target, but they needed your help to execute their plan. If hacking efforts create issues on the network, or if the footprint is too big from a business disruption perspective, then the likelihood that you are going to notice and take countermeasures is much higher. Once a hacker has access to your system, there is a lot that can be done without your knowledge, and it is amazing how much can happen without your IT department knowing it. Hackers have been known to set up web servers and use them to distribute illegal spam or black-market information.

The Data Black Market

The data black market is one of the very last free marketplaces in which the value of something is based on the perception of the buyer/seller relationship. In most cases, the actual interaction between buyer and seller is conducted through either chat rooms or simple email. Then, through the use of bitcoin, the actual financial transaction is completed. Bitcoin is basically an untraceable digital currency. Once a dollar has been changed into bitcoin, the tracking of that bitcoin transaction is virtually impossible. Setting up a bitcoin account is relatively easy. There are clearing houses or online banks, such as Dwolla. Once you have an account set up at Dwolla, you have to set up an account at a bitcoin exchanger. Then, you simply transfer funds into your Dwolla account and move those dollars through the exchanger, which transfers the dollars to bitcoin. Now, you can send digital funds to any other bitcoin account. The transferring of these funds can be completely anonymous and untraceable.

Stolen Data

In some cases, the data seems harmless on the surface, but you have to put the entire puzzle together in order to fully understand how stolen data moves across the internet. Then, you need an understanding of how that stolen data is used to facilitate identity theft, bank fraud, credit card fraud or simple online purchases of goods and services. In some cases, hackers are simply looking for email addresses. Online marketers pay for lists of validated emails. They not only pay to have them created to use for themselves, they will then put the lists up for sale and sell the lists to other email marketing companies. These are just the tip of the iceberg. There are many methods that hackers can use to gain access to your network or computer. There is no single weakness that creates hacking opportunities, which also means there is no silver bullet to stop it. Network, workstation and internet security is an ongoing, never-ending process to manage the threat, mitigate the threat and react to a threat once it is discovered.

This article is the first in a two-part series on hacking and cybersecurity. Part 2 will teach you how to protect yourself from these dangers.