Looking at hacking and security from a different perspective
From a hacker’s perspective, what we refer to as “security” is nothing more than a collection of technical obstacles that can be overcome by careful research and planning. These obstacles can be overcome by attacking devices over the network, obtaining physical access to a device, or socially engineering users into taking actions that result in a compromise. Convincing users to open an email or attachment, go to a Website, insert a CD/DVD, install an application, attach a USB device, or divulge password information are all proven means to compromise a system. After a compromise is achieved, a hacker will attempt one or more of the following actions:
- Take control of a device. Control means that a hacker can execute (run) commands on a device, either remotely or through automated means. Executing commands includes downloading and uploading files, attacking other devices, and communicating with other hacker-controlled devices.
- Access, capture and transfer information. Once a hacker can execute commands, he may try to access and capture information, and then transfer that information out of the network. I say “may” try, because obtaining information is not always an objective. In some cases, the only objective is control. Information includes data, configuration information, security settings and a list of programs that are executing.
- Insert code. Code is just techno-speak for computer programs, scripts, computer program segments or anything else that can be executed on a computer. Inserting code facilitates either or both of the above.
- Make configuration changes. Configuration changes are made to facilitate all of the above, to avoid detection by humans or automated means, and to prevent software updates. Configuration changes can include reverting to a previous version of an operating system (any device) or application, and even uninstalling a patch.
Hacking is not really as big of a mystery as some people make it out to be. There are a lot of books, Websites and turn-key hacking solutions to fit everyone’s skills, needs and budget. Once a person knows what he is doing and has the right tools, hacking becomes easy. What a hacker is able to hack boils down to a hacker’s individual ingenuity and skill.
Now let's turn our attention to security.
If your systems don’t have anti-malware software…
Or the anti-malware signatures are not up-to-date…
Or the anti-malware is disabled or not functioning properly…
Or there is no malware signature that matches the code a hacker is using…
… you’re dead.
What other non-signature-based security products do you use that can detect:
- Unauthorized control of ANY device attached to the network, including servers, desktops, network attached storage, routers, switches, printers and copiers
- Unauthorized access, capture and transfer of information from ANY device
- Insertion of code
- Unauthorized configuration changes
If you own or manage a business and have concerns that your organization may not have adequate protection against these types of actions, you need to speak to your security team about these types of issues. If you don’t have someone in-house, contact a computer security firm. A computer security firm can do a security and risk assessment, and provide you with a variety of options that meet your needs and budget.
Are you fascinated by all of this? Want to learn more? Want to know what else you need to be concerned about? Read my book!