Know Your Enemy: The Most Popular Hacking Methods

Uploaded on 2016-02-24 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Balabit surveyed which methods or vulnerabilities IT security experts think that attackers are using the most - or taking advantage of - when they want to get sensitive data in the shortest time: Outsiders want to become insiders with the least possible effort, and insiders help them do so - mostly accidentally.

54% of the survey respondents said that, according to their experience, organisations are still afraid of hackers breaking into their IT network through their firewall.

At the same time over 40% of them said that they already clearly see that first-line defence tools, such as firewalls are just not effective enough to keep the hackers away.

The Balabit survey examined which methods or vulnerabilities IT security experts think that attackers are using the most - or taking advantage of - when they want to get sensitive data in the shortest time:

Social engineering

Most of the attackers aim to get a low level insider user account and escalate its privileges. Trying to identify an existing corporate user and trying to break its password is a slow process and leaves so many footprints behind (e.g. lots of additionally generated logs as a result of the automated attacks) that greatly increases the risk of being noticed that something suspicious is happening. Therefore, hackers mostly use social engineering attacks when users “voluntarily” give their account and password.

"Traditional access control tools and anti-malware solutions are necessary, but these only protect companies’ sensitive assets while hackers are outside of the network. Once they manage to break into the system, even gaining a low level access, they can easily escalate their rights and gain privileged or root access in the corporate network. Once it happens, the enemy is inside and poses a much higher risk as they seem to be one of us," said Zoltán Györkõ, CEO at Balabit.

Compromised accounts

Compromised accounts, especially weak accounts are dangerous because users commonly use weak passwords, sometimes the same password is used both for corporate and private accounts.

In case a hacker can gain such a user's account and password in a less secured system (such as through a private social media account), it can easily be used to log into the company network.

Web-based attacks

Security issues of web based applications such as SQL injections still rank as very popular amongst hacking methods, mainly because applications are the #1 interface for company assets for many insider and outsider users therefore providing a huge attack surface.

Unfortunately the quality of application codes are still questionable from a security point of view, and there are many automated scanners from which attackers can easily detect vulnerable applications.

The other hacking methods listed can also have the same results for attackers but might be a bit more complicated or time-consuming, for instance, writing an exploit takes time and requires good coding skills.

The additional most popular hacking methods are ranked as follows:

  • Client side attacks (e.g. against doc readers, web browsers)
  • Exploit against popular server updates (e.g. OpenSSL, Heartbleed)
  • Unmanaged personal devices (e.g. lack of BYOD policy)
  • Physical intrusion
  • Shadow IT (e.g. users’ personal cloud-based services for business purposes)
  • Managing third party service providers (e.g. outsourced infrastructure)

Take advantage of getting data put to the cloud (e.g. IAAS, PAAS).

Net-Security: http://bit.ly/218CbrR

« Ex - CIA Spy Confirms That The US And Russia Are At Cyber War
Cybersecurity To Go On The Offensive »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Omerta

Omerta

Omerta is a global security technology and services company. We advise, consult, design, build, mitigate, protect, manage, provide and train to protect from increasing cyber threats.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

Netwrix

Netwrix

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

National Cyber Security Agency (NACSA) Malaysia

National Cyber Security Agency (NACSA) Malaysia

NACSA is the leading government agency in Malaysia responsible for the development and implementation of national cyber security management policie and strategies.

MagicCube

MagicCube

MagicCube is a device independent IoT security platform that protects against on-device, cloud, and network attacks.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

Liongard

Liongard

Liongard automates the management and protection of modern IT environments at scale for IT MSPs - Managed Service Providers and Enterprise IT Operations.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

Deeper Network

Deeper Network

Deeper Network represents the world's first decentralized blockchain network for building a truly private, secure and fair Internet.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

Virtual Technologies Group (VTG)

Virtual Technologies Group (VTG)

Virtual Technologies Group is a single source, IT product and services provider for SMBs and IT departments, delivering reliable, cost-efficient service, maintenance and support solutions.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

Ivolv Cybersecurity

Ivolv Cybersecurity

Ivolv is here to assist your organization in building effective protection and resilience against cyber attacks.