By Amanda Daly, Eze Castle Integration – Black Hat vs White Hat & every shade in between. The term hacker carries a negative connotation because a majority of the time we only hear about the “bad” hackers. Hackers tend to attack more often than they should. Be sure to be guards up and on the lookout for hacker’s exploits – from social engineering to poor patch management – to protect your firm.
Black hat hacker’s tricks
Black Hat hackers exploit individuals for money, information, and much more, all for personal gain. White Hat Hackers, however, are the good guys. White Hat hackers help you to identify security gaps that Black Hats may penetrate.
So, let’s look at the favourite technique that Black Hat Hackers use – first up is social engineering.
Social engineering (eg phishing, baiting, pretexting, etc) relies on the exploitation of human behaviors to breach an organisation’s information security system. Hackers prey on propensities of human nature, including:
- Trust: Some people are trusting to a fault; therefore, they do not question the intentions/identity of another person until proven to be false.
- Ignorance: Disregard for the consequences of carelessness with sensitive business information.
- Laziness: Willingness to cut corners, such as not filing away confidential paperwork and leaving it exposed for others to see.
- Kindness: Employees want to feel that others can leverage them for their assistance and information because we’ve trained them to do so. However, this can lead to divulging too much information to the wrong person.
Social engineering techniques
During a social engineering scheme, criminals will typically attempt to trick victims into clicking on malevolent attachments and hyperlinks by promoting them as relevant, insightful and/or significant content. For example, a hacker sends the target firm a PDF attachment via email that appears to be an invoice. However, the PDF is actually an executable file (.exe) that runs a malicious program. The unwary employee downloads the authentic-looking PDF and unleashes the malware file into its organisation’s network, granting it access to sensitive data and leaving the company at risk.
In many cases, the malware may be ransomware, meaning the compromised computer would be locked and victim demanded to make a payment in order to regain access to files. Firms should leverage [Eze Castle] phishing simulations to test users’ knowledge and information security awareness on a regular basis.
Ransomware/malware: Another favourite
In May of 2017, WannaCry ransomware hit centre stage and spread globally, affecting large number of organisations. WannaCry encrypts data files and asks users to pay a ransom in bitcoins. WannaCry has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows. If the computer is not up to date with the latest Windows security updates, these are the ones that were (and still can be!) at risk of infection.
By not upgrading, firms are potentially risking everything. As patches and bug fixes are no longer being provided, hackers have an unguarded entrance to access a firm’s environment. This not only increases the firm’s odds of being hacked, but also raises the gravity of ensuing damages should an incident occur.
Missing patches = open doors for black hat hackers
Outdated systems are dangerous yet all systems can become dangerous if left unpatched. That’s why we recommend looking at a patch management service. Companies – such as Eze Castle Integration! – can provide fully managed patch services to ensure software and firmware remain up-to-date and are proactively monitored to prevent security bugs and malicious exploits, reducing overall firm risk.
- Our NetOps team takes a phased approach to patch management, with the end goal of reducing as much overall risk to the client as possible. The phases include:
- Assess Environment: Our team defines what systems clients have deployed and monitors the appropriate vendors for patch release updates.
- Discover & Test Patches: Immediately after a patch is issued by the software provider (i.e. Microsoft), NetOps deploys the patch to a lab environment that simulates a client infrastructure. This testing phase allows our team to identify any unforeseen issues and make adjustments as necessary before issuing updates more broadly.
- Pilot & Plan Deployment: Shortly after the testing phase, patches are deployed to ‘pilot’ clients and early adopters, providing NetOps with additional insight into the effectiveness of the patch.
- Deploy Patches: Finally, during the deployment phase, all subscribed clients are issued the necessary patches. Ongoing monitoring takes place to ensure patches are applied as intended.
To further protect you and your firms’ information from hacks and hackers, be sure to:
- Back up – Backups are the only way to successfully recover your data. Ensure you leverage a secure and reliable backup and recovery tool that will de-duplicate, compress, encrypt and securely transfer your data to an offsite data center.
- Detect – For security-advanced firms, consider taking a step further and employing continuous intrusion detection and prevention monitoring with a 24x7x365 active threat protection system.
- Patch – If you rely on a managed service provider (MSP) for cloud services, you may already have this covered. If not: consider leveraging a patch management service to stay ahead of the latest bug and security fixes and reduce the risk of malicious exploits.
- Phish – leverage phishing simulations to test users’ knowledge and information security awareness on a regular basis
- Scan – Vulnerability assessments scan for malware, viruses, backdoors, hosts communicating with botnet-infected systems, known/unknown processes and web services linking to malicious content.
Check out these 10 common cyber gaps to help reduce your firm’s risk
