White Hat Female Hacker Leads The Way

Uploaded on 2019-02-13 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Every 40 seconds, there is a cyber-attack; the criminals are getting smarter, their attacks are getting more and more sophisticated. Sherri Davidoff is the CEO of LMG Security a national consulting firm. She is a White Hat, meaning she hacks into computer systems, but for the good guys.

"We've seen this whole hacker economy evolve. And that means it's no longer 13-year-olds in their mom's basement that are hacking us," said Davidoff. "It is organised crime groups all over the world."

The data backs that up: according to the 2018 Verizon Data Breach Investigative Report, 50 percent of all breaches were carried out by organised criminal groups.

Davidoff, an MIT grad, was one of the first female hackers in an industry still dominated by men. From an office in downtown Missoula that looks out on snow-capped peaks, she and an all-female management team run a national consulting firm called LMG Security, which is hired by companies to test their security.

LMG Security tests companies for their cyber-security flaws. Often that means sending out emails to employees and calling, in hopes of getting them to click on a malware link. LMG then assists them in damage control after they've been hacked and helps them get cleaned up so they aren't repeat victims. They also hold security seminars for employees and executives, and help companies comply with cybersecurity laws and standards.

Anatomy of a Hack

LMG's war room is equipped with the same tools the bad guys, the "black hats," use. It has rows of computer screens, malware purchased on the dark web, and spoofing tools that disguise everything from phone numbers to voices. Davidoff gave NBC News an exclusive look as LMG's white hats prepared to hack an unnamed company to test for vulnerabilities.

"Attackers can send out 100,000 'phishing' emails," explained Davidoff, "and if one percent of people click on the link, that's 1000 people they've infected."

The team disguised their phone numbers and email addresses to look as if they were coming from inside the company, a tactic cyber criminals often use. Team members then sent out phishing emails with an address that looked like the messages were coming from the company's own IT department.

The fake emails, offering the chance to 'opt out' of a four-hour training, were meant to trick employees into clicking on a link that supposedly led to an online training site, but really just opened the door for hackers to get in.

If the employees took the bait and logged in, their passwords were captured. The "victims" then received an "error" message saying someone would be calling shortly. That's when Davidoff's team went to work with part two of the hack, the phone calls.

With numbers masked to look like they are coming from inside the company, Davidoff's staff called the targets, claiming to be tech support to help with the error. The callers, who sounded frighteningly realistic, instructed the victims to download a form that would allow the virus to infect their computer systems.

Some were suspicious and declined, but a few went ahead and clicked. It took mere minutes for Davidoff's crew to find a few takers, and have an open lane to infecting the entire company's system with a computer worm that could be absolutely devastating.

The white-hat team then repeated the process twice more for two other companies, with similar results.

Real life hacking situations look very similar to what Davidoff has set up, offices and all. Cyber criminals have gotten so good, she says, that cybercrime has turned into an entire underground industry, and criminals are increasingly employed by larger operations in a 9-to-5 job, only their job is to steal your information.

"In some cases, they're businesses," said Davidoff. "They are employing people that have families, and they don't see it as breaking into your organization. They see it as work. The same way you go to work, they go to work."

In fact, cybercrime has become so businesslike that if you were to buy one of these malicious programs on the anonymous part of the internet known as the "dark web," they come with a manual — and tech support. One dark web seller advertised "full support" and a refund if you weren't satisfied with your purchase.

The "dark web" is where cyber criminals go to purchase banking Trojans or other viruses that infect computer systems and can steal passwords, banking information, or documents that criminals can then hold for ransom.

These viruses are striking everywhere from small businesses to entire towns — and costing a lot of money in the process. The city of Allentown, Pennsylvania has its computer systems hacked in early 2018, compromising employee credential data and knocking out critical computer systems. The bill to clean up the mess left behind by the hackers and to ensure that it didn't happen again? Nearly 1 million dollars.

How Consumers Can Combat the Hacks

The number one thing you can do to protect yourself from cybercrime, according to Davidoff, is "think before you click." She advises against clicking on any emails that don't seem familiar.

Number two is to back-up your data, so that if you do get hacked you won't lose all of the important files you have in your system. Number three is enable two-factor authentication on things like your email accounts and mobile banking apps. That means using a second credential in addition to your password, like a code generated by an app on your smartphone. Davidoff says it's a simple thing that everyone who uses the internet should do.

With the threats only increasing every year, Davidoff has been busy. She runs a second company from the same Missoula office called Brightwise, which specializes in cybersecurity training. Her life, from the halls of MIT to running her own company and having children in the mountains in Montana, is now the subject of a book out this month called "Breaking and Entering: The Extraordinary Story of a Hacker called Alien."

She does not see herself slowing down anytime soon and keeps a constant eye on the threats of the future. "The watches you wear, any coffee pots or refrigerators that are smart that you plug in, all of these are computers," she said. This means that all of those are, potentially, hackable. Davidoff says that we are entering a time period where homes can get infected with malicious software, and cyber-criminals will eventually hold our own appliances for ransom.

"That's where we're headed in the next decade," Davidoff said. "Sleep tight."

NBC News:

You Might Also Read:

Are Women Better At Cyber Security?:

Darktrace CEO Says Cyber Security Is A Global Arms Race:

 

« Dubai Police Hold 2nd Annual Cybersecurity Challenge
Military Cyber Training Methods »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Ripjar

Ripjar

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

Signifyd

Signifyd

Signifyd is the world's largest provider of Guaranteed e-Commerce Fraud Protection.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

Upfort

Upfort

Upfort (formerly Paladin Cyber) unifies award-winning security and robust cyber insurance to deliver comprehensive cyber risk solutions.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

Raonsecure

Raonsecure

Raonsecure is one of Korea’s leading ICT security software companies – providing a variety of PC and mobile security solutions to financial institutions, government, and enterprise.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Tactic Labs

Tactic Labs

Tactic Labs (part of the Avnon Group) delivers a holistic Cyber-Security Management Platform which provides military-grade protection, safeguarding critical infrastructures and mission-critical data.

Phished

Phished

Phished is an AI-driven platform that focuses on the human side of cybersecurity. By combining fully automated training software with personalised, realistic simulations of cyberattacks.

Association of anti Virus Asia Researchers (AVAR)

Association of anti Virus Asia Researchers (AVAR)

AVAR's mission is to prevent the spread of and damage caused by malicious software, and to develop cooperative relationships among anti-malware experts in Asia.

Alea Consulting

Alea Consulting

Alea Consulting is a global risk mitigation and investigative consulting firm, which helps organizations reduce reputation and operational concerns.