Hacking is often called the biggest danger to the economic security of the United States and the world.
So how do hackers get in the door? Alperovitch, who once worked for McAfee and is now the co-founder and CTO of the cyber security firm CrowdStrike, compiled a list for CNBC.com.
Email Social Engineering/Spear Phishing
“Spear phishing” — social engineering through email — is one of the most common tactics hackers use when attacking a system, according to Alperovitch.
Cyber spies can get into a network by sending an email or instant message to a targeted victim that will have an attachment or perhaps a link to a website. It will also be customized for the recipient.
For example, “if you are in the sales department, it will ask for information about products,” Alperovitch said.
Once you open the attachment or click on the link, a vulnerability in the system's application such as a word processor or browser will be exploited. Malicious software, known as malware, will then start executing on the machine and open up a communication channel to the hacker to allow them to browse and control the system.
Hackers can also use the infected computer “as a beachhead to get into other machines within that network,” he said.
Alperovitch said that’s how cyber spies were able to hack into Google last year.
Infection Via a Drive-By Web Download
If cyber spies are interested in a lot of people within a larger group, they can target a website that’s used by the group or company, Alperovitch said.
The hackers will look for a vulnerability on the website to get in, or access it through spear phishing.
“They will … implant a piece of code on that website so that anyone who comes on that website will be immediately infected,” he explained.
It’s a tactic that is growing in popularity and is a common way to target dissidents, he said. However, it can also affect company or government websites.
USB Key Malware
Malware can also get onto a computer through a USB key. For instance, someone can slide infected USB keys into packets given out at a conference, Alperovitch said. Once the unsuspecting person plugs the key into his or her machine, malware is installed. It can also be surreptitiously inserted into a computer by a spy on the inside of a company.
Scanning Networks for Vulnerabilities and Exploitation
Hackers can remotely scan servers to determine vulnerabilities within that system. Once they find a vulnerability, they exploit it by sending a command or data to the server that will cause the application to crash and will then start executing code.
In other words, it is like a potential burglar “looking at your house and seeing your doors unlocked and simply [walking] in,” Alperovitch said.
Typically it’s the smaller companies that get hit this way, Alperovitch said, since most large companies have good security around their system perimeters.
Guessing or Social Engineering Passwords
Most companies have the ability for their workers to log in remotely to the corporate computer system, or to access company email through a website. To get into the system, workers need a username and password, which are coveted by hackers.
“If [hackers] can find out the credentials for that user, they can log in [remotely] as that user and access network resources,” Alperovitch said.
To obtain passwords, hackers have various ways to trick users into giving up their credentials. For example, they can send an email asking their target to reset their password. Once the target clicks on the supplied link and enters his or her password, the hacker now has it and will use it to remotely log into the computer system.
Wifi Compromises
Hackers can invade a system by exploiting an open wireless network, or one with weak security. They can literally sit outside a business firm’s physical location and get into the system through the unsecured or poorly secured wifi.
TJ Maxx knows all too well about these dangers. Alperovitch said that’s how hackers got into the retailer’s system several years ago and stole 45.7 million credit and debit cards from the company.
Stolen Credentials From Third-Party Sites
Some cyber spies like to troll for victims on third-party sites, like LinkedIn. When they find someone working for a company they want to infiltrate, they attempt to hack into the third-party website and steal the employee’s credentials. Since some people tend to use the same username and password for both work and other websites, the hacker can now log onto the company website and compromise the system, Alperovitch said.
This is why IT security experts recommend using different user names and passwords for different websites.
Compromising Web-Based Databases
When a person enters information on a website, like an email address or credit card, it gets stored in that company’s database. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can put in a specially crafted text that may cause the database to execute the code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.
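The difference between a database "executing" a form value and "simply storing it" comes down to how the site builds its query. The following is an added example, not from the article or from Alperovitch: it stores the same three names through a string-built statement and through a bound parameter. The `signups` table, its `verified` column and the sample inputs are constructed for illustration.

```python
import sqlite3

# Constructed sample input: the quote closes the string early and the
# trailing "--" comments out the rest of the site's own statement.
CRAFTED = "x', 1) --"


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE signups (name TEXT, verified INTEGER)")
    return db


def store_unsafe(db, name):
    # Vulnerable: the form value is pasted into the SQL text, so quotes and
    # comment markers inside it are parsed as part of the statement.
    db.execute("INSERT INTO signups (name, verified) VALUES ('" + name + "', 0)")


def store_safe(db, name):
    # Hardened: the value is sent as a bound parameter and is only ever data.
    db.execute("INSERT INTO signups (name, verified) VALUES (?, 0)", (name,))


def rows(db):
    return db.execute(
        "SELECT name, verified FROM signups ORDER BY rowid"
    ).fetchall()


def demo():
    """Store the same three names through each path and return the tables."""
    results = {}
    for label, store in (("unsafe", store_unsafe), ("safe", store_safe)):
        db = make_db()
        for name in ("Alice", CRAFTED, "O'Brien"):
            try:
                store(db, name)
            except sqlite3.OperationalError:
                # Unsafe path only: an ordinary apostrophe breaks the SQL.
                pass
        results[label] = rows(db)
    return results


if __name__ == "__main__":
    for label, table in demo().items():
        print(label, table)
```

In the string-built version the crafted value rewrites the statement so the row is saved with `verified` set to 1, and a legitimate name containing an apostrophe is rejected; with the bound parameter both values are stored as plain text.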
Exploiting Password Reset Services to Hijack Accounts
Some hackers are able to hijack email accounts by resetting the user’s password without the person’s knowledge. Alperovitch said the execution is quite simple — hackers find out the answers to possible security questions by researching the victim on social networking sites and other places, and use the email company’s reset service to change the password. Once the password is changed, they have unlimited access to their victim’s email account.
Insiders
Even in a high-tech world, cyber spies have resorted to old-fashioned cloak-and-dagger techniques to infiltrate systems. Spies find ways to get hired by companies, and once inside they try to get into the system. They’ve also been known to bribe an individual already employed by the corporation they’re targeting to hack into the network.