On average, a cyber hacker spends about 209 hours hacking one system and 140 days in a system before they are discovered. How can you identify a hacker when they are behind another screen? Well, there are a few patterns which have helped detect these anonymous security threats. According to Microsoft cybersecurity experts, 11% of hackers are insiders to their organization and 7% are nation-states. (1)
There are three primary patterns of behavior that hackers exhibit: navigation, how they move through a compromised system; enumeration, how they come to understand the system they have gained access to; and exploitation, how they try to steal the data. To put this in perspective, it resembles how a robber might approach a bank, assess which teller to talk to, and decide what to say to get the teller to hand over the money. (2)
So, being a cyber hacker is not an easy job, and hackers learn best by repeating previous strategies. In fact, the Dark Web provides “Starter Kits” which equip individuals with the tools and tracking metrics to succeed. While some of these kits are purchased from the site, others are offered as “free” starter kits whose providers then take a percentage of the successful ransom. One of these kits is named “Blackhole”, for instance.
If your organization uses a marketing platform to send emails, hackers have very similar programs. A template is created that automatically fills in the recipient's name and sends various follow-up emails to continue testing a company’s vulnerabilities. This automation takes the guesswork out of who the email should be sent to and how the attackers can infiltrate an organization.
Why should we care about who a cyber-criminal is and how they navigate these devastating attacks? Have you ever heard the phrase, “Keep your friends close and your enemies closer?” We must be able to prevent and detect when an attack is occurring before it is too late. Once we learn the ways in which we are at risk, we can educate our friends, family, and employees to take necessary precautions.
Where you or your company should begin:
1. Verify the configuration of backup systems
2. Implement cyber awareness training
3. Measure your risk management team's awareness
4. Develop an incident response plan
Join us at our event on August 31st to learn more about arming your employees with the right tools and knowledge to avoid the dreaded email or call saying they clicked on a cryptic link. Register at this link: https://www.eventbrite.com/preview?eid=164532588401/