Staying a step ahead of hackers
Cybersecurity is an investment that no business can afford not to make. With ransomware and hacking attempts skyrocketing internationally – especially in South Africa – securing your personal and business data is as important as keeping your physical belongings safe.
The law enforcement community has an old saying: to catch a criminal, think like a criminal. Let’s find out how this sage advice can be used to stay a step ahead of hackers by learning how they think and predicting their next move.
Reality check: it’s never been easier to become a cybercriminal
Hollywood movies have done a good job of portraying hackers as geeky loners with an antisocial agenda.
Shady characters in hoodies shut in a basement with their faces half illuminated by a computer screen may be the movie image of hackers – but in reality they are highly organised and sometimes extremely social criminals.
- The rise of software-as-a-service means that bad actors on the dark web also have access to the latest apps. But while we subscribe to Uber and Microsoft Office, hackers sign up for ready-made criminal software to infiltrate our cyber defences.
- The rise of AI also means that bots are being trained to write malicious code, with the potential to affect millions of web users.
Considering the availability of hacking tools out there, criminals no longer need to have an extensive IT background in order to capitalise on the weaknesses in our cyber defences.
The big question is: how exactly do they go about planning and executing cyber-attacks?
The cybercrime mentality: understanding hackers’ MO
Before a cyber-attack or infiltration attempt takes place, cybercriminals will typically carry out these steps:
- Footprinting. This involves gathering information about your business to determine whether it’s a good target to pursue.
- Scanning. This phase is focused on finding out more about your company’s cyber defences and create a strategy to penetrate them.
- Enumeration. This phase is akin to knocking on the door to see if anyone is home and is usually carried out through DNS.
- The hack itself. Gaining access to your network using a vulnerability discovered in the first few steps.
- Privilege escalation. Once inside, hackers will increase their level of access to your files and password information to carry out the attack.
- Covering their tracks. Hackers will typically delete all evidence of having been in your system to avoid detection and prosecution.
- Creating a back door. In case they want to come back to steal again, hackers usually install an innocent seeming piece of software that will let them gain access to the network easily in future.
To stay a step ahead of hackers, it’s essential to counter each of these steps before they take place. Here’s how four steps can keep you one step ahead:
- Make your business less accessible by training your staff to spot and report social engineering attacks
- Strictly control permissions and file access on your network
- Use encrypted cloud data storage and multi factor authentication
- If an attack occurs, have a response plan ready and have an IT expert scan your network for back door software.
Soteria’s range of secure cloud storage solutions gives you a safe place to stash your data treasure. Click here to choose the package that best suits your needs.