Know Your Enemy: The Most Popular Hacking Methods

Balabit surveyed IT security experts on which methods or vulnerabilities they think attackers use, or take advantage of, most often when they want to get sensitive data in the shortest time. Outsiders want to become insiders with the least possible effort, and insiders help them do so, mostly accidentally.

54% of the survey respondents said that, according to their experience, organisations are still afraid of hackers breaking into their IT network through their firewall.

At the same time, over 40% of them said that they already clearly see that first-line defence tools, such as firewalls, are just not effective enough to keep the hackers away.

The Balabit survey examined which methods or vulnerabilities IT security experts think attackers use, or take advantage of, most often when they want to get sensitive data in the shortest time:

Social engineering

Most attackers aim to get a low-level insider user account and escalate its privileges. Trying to identify an existing corporate user and break their password is a slow process, and it leaves so many footprints behind (e.g. lots of additional logs generated by the automated attacks) that it greatly increases the risk of someone noticing that something suspicious is happening. Therefore, hackers mostly use social engineering attacks, in which users “voluntarily” give up their account and password.

"Traditional access control tools and anti-malware solutions are necessary, but these only protect companies’ sensitive assets while hackers are outside of the network. Once they manage to break into the system, even gaining a low level access, they can easily escalate their rights and gain privileged or root access in the corporate network. Once it happens, the enemy is inside and poses a much higher risk as they seem to be one of us," said Zoltán Györkő, CEO at Balabit.

Compromised accounts

Compromised accounts, especially weak ones, are dangerous because users commonly use weak passwords, and sometimes the same password is used for both corporate and private accounts.

If a hacker can obtain such a user's account and password from a less secure system (such as a private social media account), they can easily be used to log into the company network.

Web-based attacks

Security issues in web-based applications, such as SQL injection, still rank as very popular hacking methods, mainly because applications are the #1 interface to company assets for many insider and outsider users, and therefore provide a huge attack surface.

Unfortunately, the quality of application code is still questionable from a security point of view, and there are many automated scanners with which attackers can easily detect vulnerable applications.

The other hacking methods listed can produce the same results for attackers but might be a bit more complicated or time-consuming; for instance, writing an exploit takes time and requires good coding skills.

The other most popular hacking methods are ranked as follows:

  • Client side attacks (e.g. against doc readers, web browsers)
  • Exploits against popular server updates (e.g. OpenSSL, Heartbleed)
  • Unmanaged personal devices (e.g. lack of BYOD policy)
  • Physical intrusion
  • Shadow IT (e.g. users’ personal cloud-based services for business purposes)
  • Managing third party service providers (e.g. outsourced infrastructure)
  • Taking advantage of data put into the cloud (e.g. IaaS, PaaS)

Net-Security: http://bit.ly/218CbrR
