Hacking refers to activities that seek to compromise digital devices, such as computers, smartphones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking, and hackers, characterize it/them as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.
Who are hackers?
Hacking tools: How do hackers hack?
Hacking is typically technical in nature (like creating malvertising that deposits malware in a drive-by attack requiring no user interaction). But hackers can also use psychology to trick the user into clicking on a malicious attachment or providing personal data. These tactics are referred to as “social engineering.”
In fact, it's accurate to characterize hacking as an over-arching umbrella term for activity behind most if not all of the malware and malicious cyberattacks on the computing public, businesses, and governments. Besides social engineering and malvertising, common hacking techniques include:
From script kiddies to organized cybercrime
As such, hacking has evolved from teenage mischief into a billion-dollar growth business, whose adherents have established a criminal infrastructure that develops and sells turnkey hacking tools to would-be crooks with less sophisticated technical skills (known as “script kiddies”). As an example, see: Emotet.
In another example, Windows users are reportedly the target of a wide-spread cybercriminal effort offering remote access to IT systems for just $10 via a dark web hacking store—potentially enabling attackers to steal information, disrupt systems, deploy ransomware, and more. Systems advertised for sale on the forum range from Windows XP through to Windows 10. The storeowners even offer tips for how those using the illicit logins can remain undetected.
“Hacking has evolved from teenage mischief into a billion-dollar growth business.”
Types of hacking/hackers
Broadly speaking, you can say that hackers attempt to break into computers and networks for any of four reasons.
- There's criminal financial gain, meaning the theft of credit card numbers or defrauding banking systems.
- Next, gaining street cred and burnishing one's reputation within hacker subculture motivates some hackers as they leave their mark on websites they vandalize as proof that they pulled off the hack.
- Then there's corporate espionage, when one company's hackers seek to steal information on a competitor's products and services to gain a marketplace advantage.
- Finally, entire nations engage in state-sponsored hacking to steal business and/or national intelligence, to destabilize their adversaries' infrastructure, or even to sow discord and confusion in the target country. (There's consensus that China and Russia have carried out such attacks, including one on Forbes.com. In addition, the recent attacks on the Democratic National Committee [DNC] made the news in a big way—especially after Microsoft says hackers accused of hacking into the Democratic National Committee have exploited previously undisclosed flaws in Microsoft's Windows operating system and Adobe Systems' Flash software. There are also instances of hacking courtesy of the United States government.)
There's even another category of cybercriminals: the hacker who is politically or socially motivated for some cause. Such hacker-activists, or “hacktivists,” strive to focus public attention on an issue by garnering unflattering attention on the target—usually by making sensitive information public. For notable hacktivist groups, along with some of their more famous undertakings, see Anonymous, WikiLeaks, and LulzSec.
Ethical hacking? White, black, and grey hats
There's also another way we parse hackers. Remember the classic old Western movies? Good guys = white hats. Bad guys = black hats. Today's cybersecurity frontier retains that Wild West vibe, with white hat and black hat hackers, and even a third in-between category.
If a hacker is a person with deep understanding of computer systems and software, and who uses that knowledge to somehow subvert that technology, then a black hat hacker does so for stealing something valuable or other malicious reasons. So it's reasonable to assign any of those four motivations (theft, reputation, corporate espionage, and nation-state hacking) to the black hats.
White hat hackers, on the other hand, strive to improve the security of an organization's security systems by finding vulnerable flaws so that they can prevent identity theft or other cybercrimes before the black hats notice. Corporations even employ their own white hat hackers as part of their support staff, as a recent article from the New York Times online edition highlights. Or businesses can even outsource their white hat hacking to services such as HackerOne, which tests software products for vulnerabilities and bugs for a bounty.
Finally, there's the gray hat crowd, hackers who use their skills to break into systems and networks without permission (just like the black hats). But instead of wreaking criminal havoc, they might report their discovery to the target owner and offer to repair the vulnerability for a small fee.
Hacking prevention
If your computer, tablet, or phone is at the bull's-eye of the hacker's target, then surround it with concentric rings of precautions.
Anti-malware protection
First and foremost, download a reliable anti-malware product (or app for the phone), which can both detect and neutralize malware and block connections to malicious phishing websites. Of course, whether you're on Windows, Android, a Mac, an iPhone, or in a business network, we recommend the layered protection of Malwarebytes for Windows, Malwarebytes for Mac, Malwarebytes for Android, Malwarebytes for Chromebook, Malwarebytes for iOS, and Malwarebytes business products.
Be careful with apps
Second, only download phone apps from the legitimate marketplaces that police themselves for malware-carrying apps, such as Google Play and Amazon Appstore. (Note that Apple policy restricts iPhone users to download only from the App Store.) Even so, every time you download an app, check the ratings and reviews first. If it has a low rating and a low number of downloads, it is best to avoid that app.
Protect your info
Know that no bank or online payment system will ever ask you for your login credentials, social security number, or credit card numbers by means of email.
Update your software
Whether you're on your phone or a computer, make sure your operating system remains updated. And update your other resident software as well.
Browse carefully
Avoid visiting unsafe websites, and never download unverified attachments or click on links in unfamiliar emails. You can also use Malwarebytes Browser Guard for safer browsing.
Password safety
All the above is basic hygiene, and always a good idea. But the bad guys are forever looking for a new way into your system. If a hacker discovers one of your passwords that you use for multiple services, they have apps that can breach your other accounts. So make your passwords long and complicated, avoid using the same one for different accounts, and instead use a password manager. Because the value of even a single hacked email account can rain disaster down on you.
“Know that no bank or online payment system will ever ask you for your login credentials, social security number, or credit card numbers by means of email.”
Hacking on Android phones
While most associate hacking with Windows computers, the Android operating system also offers an inviting target for hackers.
A bit of history: Early hackers who obsessively explored low-tech methods for getting around the secure telecommunication networks (and expensive long-distance calls of their era) were originally called phreaks—a combination of the words phone and freaks. They were a defined subculture in the 1970s, and their activity was called phreaking.
Nowadays, phreakers have evolved out of the analog technology era and become hackers in the digital world of more than two billion mobile devices. Mobile phone hackers use a variety of methods to access an individual's mobile phone and intercept voicemails, phone calls, text messages, and even the phone's microphone and camera, all without that user's permission or even knowledge.
“Cybercriminals could view your stored data on the phone, including identity and financial information.”
Why Android?
Compared to iPhones, Android phones are much more fractured, whose open-source nature and inconsistencies in standards in terms of software development put the Androids at a greater risk of data corruption and data theft. And any number of bad things result from Android hacking.
Cybercriminals could view your stored data on the phone, including identity and financial information. Likewise, hackers can track your location, force your phone to text premium websites, or even spread their hack (with an embedded malicious link) to others among your contacts, who will click on it because it appears to come from you.
Of course, legitimate law enforcement might hack phones with a warrant to store copies of texts and emails, transcribe private conversations, or follow the suspect's movements. But black hat hackers could definitely do harm by accessing your bank account credentials, deleting data, or adding a host of malicious programs.
Phishing
Phone hackers have the advantage of many computer hacking techniques, which are easy to adapt to Androids. Phishing, the crime of targeting individuals or members of entire organizations to lure them into revealing sensitive information through social engineering, is a tried and true method for criminals. In fact, because a phone displays a much smaller address bar compared to a PC, phishing on a mobile Internet browser probably makes it easier to counterfeit a seemingly trusted website without revealing the subtle tells (such as intentional misspellings) that you can see on a desktop browser. So you get a note from your bank asking you to log on to resolve an urgent problem, click on the conveniently provided link, enter your credentials in the form, and the hackers have you.
Trojanized apps
Trojanized apps downloaded from unsecured marketplaces are another crossover hacker threat to Androids. Major Android app stores (Google and Amazon) keep careful watch on the third-party apps; but embedded malware can get through either occasionally from the trusted sites, or more often from the sketchier ones. This is the way your phone ends up hosting adware, spyware, ransomware, or any other number of malware nasties.
Bluehacking
“Bluehacking gains access to your phone when it shows up on an unprotected Bluetooth network.”
Other methods are even more sophisticated and don't require manipulating the user into clicking on a bad link. Bluehacking gains access to your phone when it shows up on an unprotected Bluetooth network. It's even possible to mimic a trusted network or cell phone tower to re-route text messages or log-on sessions. And if you leave your unlocked phone unattended in a public space, instead of just stealing it, a hacker can clone it by copying the SIM card, which is like handing over the keys to your castle.
Hacking on Macs
Lest you think that hacking is only a Windows problem, Mac users, be assured—you are not immune. In 2021, Apple publicly confirmed that yes, Macs get malware.
Previous to that admission, in 2017 there was a phishing campaign targeting Mac users, mostly in Europe. Conveyed by a Trojan that was signed with a valid Apple developer certificate, the hack phished for credentials by throwing up a full-screen alert claiming that there's an essential OS X update waiting to be installed. If the hack succeeded, the attackers gained complete access to all of the victim's communication, allowing them to eavesdrop on all web browsing, even if it's an HTTPS connection with the lock icon.
In addition to social engineering hacks on Macs, the occasional hardware flaw can also create vulnerabilities, as was the case with the so-called Meltdown and Spectre flaws that The Guardian reported in early 2018. Apple responded by developing protections against the flaw, but advised customers to download software only from trusted sources such as its iOS and Mac App Stores to help prevent hackers from being able to use the processor vulnerabilities.
And then there was the insidious Calisto, a variant of the Proton Mac malware that operated in the wild for two years before being discovered in July 2018. It was buried in a fake Mac cybersecurity installer, and, among other functions, collected usernames and passwords.
More recent examples of hacking on Macs and Mac malware include Silver Sparrow, ThiefQuest, and malware masquerading as iTerm2. From viruses to malware to security flaws, hackers have created an extensive toolkit to wreak hacker havoc on your Mac. A good Mac antivirus and anti-malware program will help defend your Mac against such malware.
How does hacking affect my business?
For criminal-minded hackers, business is booming. Ransomware attacks on major businesses have been featured heavily in the news throughout 2021. Some of these have been high-profile, such as the attacks on the Colonial Pipeline, JBS (the world's largest meatpacker), or the large ferry service Steamship Authority. There are a number of ransomware gangs, Ransomware-as-a-Service providers, and types of ransomware out in the wild. You may be familiar with names like Conti, Ryuk, or GandCrab, for example.
Trojans remain a threat to businesses, with some of the most well-known being Emotet and TrickBot. Emotet, Trickbot, and GandCrab all rely on malspam as their primary vector of infection. These malicious spam emails, disguised as familiar brands, trick your end users into clicking malicious download links or opening an attachment loaded with malware. In an interesting twist, Emotet has evolved from being a banking Trojan in its own right into a tool for delivering other malware, including other banking Trojans like Trickbot.
So what happens when cybercriminals are able to hack into your network?
Emotet, for instance, hobbled critical systems in the City of Allentown, PA, requiring help from Microsoft’s incident response team to clean up. All told, the city racked up remediation costs to the tune of $1 million.
GandCrab is just as awful. It’s been estimated the ransomware with the gross sounding name has already netted its authors somewhere around $300 million in paid ransoms, with individual ransoms set from $600 to $700,000.
How to protect your business from hacking
In light of the ransomware and Trojan attacks currently favored by criminal hackers, the question now is: how can I protect my business from hacking? Here’s some tips for staying safe.
- Implement network segmentation. Spreading your data across smaller subnetworks reduces your exposure during an attack. This can help contain infections to only a few endpoints instead of your entire infrastructure.
- Enforce the principle of least privilege (PoLP). By only giving users the access level they need to do their jobs and nothing more you can minimize the potential damage from ransomware attacks.
- Backup all your data. This goes for all the endpoints on your network and network shares too. As long as your data is archived, you can always wipe an infected system and restore from a backup.
- Educate end users on how to spot malspam. Users should be wary of unsolicited emails and attachments from unknown senders. When handling attachments, your users should avoid executing executable files and avoid enabling macros on Office files. When in doubt, reach out. Train end users to inquire further if suspicious emails appear to be from a trusted source. One quick phone call or email goes a long way towards avoiding malware.
- Educate staff on creating strong passwords and implement some form of multi-factor authentication (MFA)—two-factor authentication at a bare minimum.
- Patch and update your software. Emotet and Trickbot rely on the Windows EternalBlue/DoublePulsar vulnerabilities to infect machines and spread across networks so keep your systems up-to-date.
- Get proactive about endpoint protection. Malwarebytes, for example, has multiple options for your business with Endpoint Protection and Endpoint Detection and Response.
0 Comments: