Know Your Enemy: The Most Popular Hacking Methods

Uploaded on 2016-02-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Balabit surveyed which methods or vulnerabilities IT security experts think that attackers are using the most - or taking advantage of - when they want to get sensitive data in the shortest time: Outsiders want to become insiders with the least possible effort, and insiders help them do so - mostly accidentally.

54% of the survey respondents said that, according to their experience, organisations are still afraid of hackers breaking into their IT network through their firewall.

At the same time over 40% of them said that they already clearly see that first-line defence tools, such as firewalls are just not effective enough to keep the hackers away.

The Balabit survey examined which methods or vulnerabilities IT security experts think that attackers are using the most - or taking advantage of - when they want to get sensitive data in the shortest time:

Social engineering

Most of the attackers aim to get a low level insider user account and escalate its privileges. Trying to identify an existing corporate user and trying to break its password is a slow process and leaves so many footprints behind (e.g. lots of additionally generated logs as a result of the automated attacks) that greatly increases the risk of being noticed that something suspicious is happening. Therefore, hackers mostly use social engineering attacks when users “voluntarily” give their account and password.

"Traditional access control tools and anti-malware solutions are necessary, but these only protect companies’ sensitive assets while hackers are outside of the network. Once they manage to break into the system, even gaining a low level access, they can easily escalate their rights and gain privileged or root access in the corporate network. Once it happens, the enemy is inside and poses a much higher risk as they seem to be one of us," said Zoltán Györkõ, CEO at Balabit.

Compromised accounts

Compromised accounts, especially weak accounts are dangerous because users commonly use weak passwords, sometimes the same password is used both for corporate and private accounts.

In case a hacker can gain such a user's account and password in a less secured system (such as through a private social media account), it can easily be used to log into the company network.

Web-based attacks

Security issues of web based applications such as SQL injections still rank as very popular amongst hacking methods, mainly because applications are the #1 interface for company assets for many insider and outsider users therefore providing a huge attack surface.

Unfortunately the quality of application codes are still questionable from a security point of view, and there are many automated scanners from which attackers can easily detect vulnerable applications.

The other hacking methods listed can also have the same results for attackers but might be a bit more complicated or time-consuming, for instance, writing an exploit takes time and requires good coding skills.

The additional most popular hacking methods are ranked as follows:

  • Client side attacks (e.g. against doc readers, web browsers)
  • Exploit against popular server updates (e.g. OpenSSL, Heartbleed)
  • Unmanaged personal devices (e.g. lack of BYOD policy)
  • Physical intrusion
  • Shadow IT (e.g. users’ personal cloud-based services for business purposes)
  • Managing third party service providers (e.g. outsourced infrastructure)

Take advantage of getting data put to the cloud (e.g. IAAS, PAAS).

Net-Security: http://bit.ly/218CbrR

« Ex - CIA Spy Confirms That The US And Russia Are At Cyber War
Cybersecurity To Go On The Offensive »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clifford Chance

Clifford Chance

Clifford Chance are one of the world's pre-eminent law firms with resources across five continents. Practice areas include Cyber Security & Information Protection

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC) is an information security company providing website vulnerability scanning and monitoring services.

Exterro

Exterro

Exterro is a leading provider of e-discovery and information governance software specifically designed for in-house legal, privacy and IT teams at Global 2000 and Am Law 200 organizations.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

Astrix Security

Astrix Security

Astrix enables security teams to instantly see through the fog of connects and detect redundant, misconfigured and malicious third-party exposure to their critical systems.

Exacom

Exacom

Exacom is a leading provider of multimedia logging/recording solutions across public safety, government, DoD, energy, utilities, transportation, and security applications.

GO Business

GO Business

GO Business are a specialised B2B team within GO that caters to the communication needs of the local business community in Malta.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.

CyRiSo

CyRiSo

CyRiSo is a cyber security consulting company with a focus on 'as-a-service' services for the most pressing challenges of cyber security.