We Dig Into the Hacker’s Playbook for Some Solid Security Lessons

by | Dec 5, 2016

mr-robotWhat crosses your mind when you think about hacking attacks and data breaches? Do you picture a hacker in a ski mask typing furiously, or do you imagine scenes made memorable like those in television and film in works like Mr. Robot or Live Free or Die Hard? In the latter, hacking attacks are perpetrated by masterminds or those with grand ambition. Yet, this trend may portray an inaccurate representation of the typical hacker.

Keep in mind what these hacking tales are created to do: entertain. While life is often stranger than fiction, in the case of hackers, this certainly isn’t so. Security company SafeBreach issued the second edition of their Hacker’s Playbook, which guides the reader through the company’s experiences as they simulated particular methods of data breaches. The methods which succeeded were picked apart to understand how the hacker made their way into the network, how they moved around without getting caught, and how they made off with the data.

The results of such an experiment might shock you. Most successful attacks were operated by those who have been around for quite some time. Including executable files in email attachments was a favorite (and effective) tactic in a quarter of all attempts, while malware distribution, rootkits, and .zip files were also highly efficient. The results concluded that it’s not huge vulnerabilities that bring about catastrophe, as you might see on the big screen.

Rather, it’s simple issues that are often discreet and rely on user error.

Your security measures may not be up to snuff to protect your systems from this type of threat. In fact, the solutions that you rely on to keep your infrastructure safe from malware may be configured incorrectly, leaving you wide open to attacks.

What this means for businesses is that it’s practically guaranteed that, at some point, you can expect to be hacked. When this time comes, you want to make sure that you have both preventative measures to limit the damage done, and reactive solutions that can quickly detect and eliminate threats. Furthermore, it’s of the utmost importance that you educate your employees on cybersecurity best practices, and that you keep your systems as up-to-date and functional as possible.

Malicious links are hidden:

  • on common websites
  • in common-looking advertisements
  • inside text links
  • in website pop-up windows
  • especially in emails

Bogus UPS, Amazon, Best Buy and the Prince of Nigeria emails and notifications all want you to “click here for details” or to “verify” your account. These emails may look genuine but the simplest test is to simply consider if you have done business with any of these companies recently. These emails may have links or attachments that contain hidden adware, spam or ransomware that immediately infect your computer.

We urge you to err on the side of caution and use common sense as most of these infection are preventable; sometimes the best action is inaction. Don’t click.

With ActiveCo Technology Management’s comprehensive security solutions, you’ll find yourself losing less sleep over your network’s security. To learn more, reach out to us at PHONENUMBER.

Learn more on this topic

Related Blog Posts

Your Personal Titanic Moment

Your Personal Titanic Moment

On a recent interview about the Titan sub catastrophe, director of the movie Titanic James Cameron, who has made 33 successful dives to the Titanic wreckage site, pointed out that this tragedy is eerily similar to the 1912 Titanic disaster: the captain of the 1912 RMS...