It seems like every time you check the news, another major company gets hacked. In the past few years, social platforms like Twitter and LinkedIn, major health care providers Anthem and Blue Cross, and a wide variety of companies in other industries (U.S. Postal Service, Target, Staples, Sony, and others) have all been hacked. A major provider has been the unfortunate target of online intrusion nearly every week over the past year.
That said, a question needs to be asked — why is this happening so often? What is causing the recent spike in hacks of highly visible companies? Why are so many international companies the target of Internet security intrusions?
Most of the recent hacking has targeted large-scale organizations with an immense and widespread public footprint. You’ll hear about it happening to NGOs or international organizations because of their size. Not only does an international enterprise presumably maintain larger bank sums, it also deals with larger quantities of business-critical and consumer-sensitive data. These facts alone make them targets.
For some hackers, it makes no sense to compromise the network of an SMB with nothing to offer. The only reason you hear about Target or Anthem being hacked is that the prizes — credit card and social security numbers in the thousands or hundreds of thousands — are worth the risk of getting caught. The larger your company gets, the more exposed it is to a possible breach.
The who and the why of the matter are pretty simple: large organizations with a lot to lose. Call it hacker leverage. The how, though, is a bit more interesting.
There are a few different ways organizations get hacked. Just as your company might have cyber security strategies, bad actors have strategies of their own aimed at destroying your network. Here is a short list:
Network Monitoring Attacks — Network monitoring attacks are some of the easiest to accomplish. The basic idea of a network monitoring attack is to listen to rotating network user login information (IDs and passwords) to glean active credentials. By setting up monitoring software to track expiring passwords (most networks run on a 30-90 day password rotation), hackers can easily gain access through active user credentials.
How to fight Network Monitoring Attacks: Change network user credentials often. Keep all credentials in a secured database outside the range of your internal network. Make that database as secure as possible. Enforce strict network security protocols across your network that all employees must follow.
Man-in-the-Middle Attacks — A man-in-the-middle attack, like the network monitoring attack, works by gaining real-time access to an internal network through captured passwords and IDs. The attack works by compromising a piece of network hardware so that it transmits data both to its intended destination and to a hacker-controlled server database. Once passwords and IDs are collected, hackers infiltrate the network using valid user credentials.
How to fight Man-in-the-Middle Attacks: Change passwords routinely. Keep password and user ID data in a database separated from your internal network.
DDoS Attacks — Imagine a river coming to a dam. As the river narrows, the flow of water and the power it carries increase because the space is limited. The dam acts as a funnel for the increasing water pressure, making sure it doesn’t spill over and overwhelm the system. A DDoS attack acts in the same fashion. A hacker will send massive quantities of traffic to a single server to effectively bottleneck it, causing an overall shutdown. Once a network server shuts down, the hacking party in question scans the network for any openings for infiltration.
How to Fight a DDoS Attack: In most cases, proactive network monitoring software will resolve the issue. That said, it is best to have your company network administrators constantly scanning for potential risks.
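As an added example (not part of the original article), the sketch below shows the kind of check proactive monitoring performs for the flood described above: it counts requests per destination server in a sliding window and flags any server whose rate exceeds a threshold. The log format, server names, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed sample events: (epoch_seconds, source_ip, destination_server).
    Not real traffic; addresses come from documentation ranges."""
    events = []
    # Normal load: one request every 2 s to each of two servers for 60 s.
    for t in range(0, 60, 2):
        events.append((t, "198.51.100.7", "web-1"))
        events.append((t, "198.51.100.8", "web-2"))
    # Flood: 40 requests/s to web-1 from 40 sources during seconds 30..34.
    for t in range(30, 35):
        for i in range(40):
            events.append((t, f"203.0.113.{i}", "web-1"))
    return sorted(events)

def detect_floods(events, window=5, threshold=100):
    """Return {server: (first_alert_time, peak_count, distinct_sources_at_peak)}
    for servers that receive more than `threshold` requests within any
    `window`-second span. `events` must be sorted by time."""
    recent = defaultdict(deque)  # server -> (time, source) pairs inside the window
    alerts = {}
    for ts, src, dst in events:
        q = recent[dst]
        q.append((ts, src))
        # Drop events that have fallen out of the sliding window.
        while q and q[0][0] <= ts - window:
            q.popleft()
        if len(q) > threshold:
            first, peak, _ = alerts.get(dst, (ts, 0, 0))
            if len(q) > peak:
                alerts[dst] = (first, len(q), len({s for _, s in q}))
    return alerts

if __name__ == "__main__":
    for server, (t, peak, srcs) in detect_floods(build_sample()).items():
        print(f"{server}: flood first seen at t={t}s, "
              f"peak {peak} requests per window from {srcs} distinct sources")
```

A high count of distinct sources behind one alert is what separates a distributed flood from a single noisy client.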
We have to admit, the frequency of these cyber attacks does seem to be increasing. The reason for the increasing frequency is a greater ability to exploit. With more organizations moving to a poly-cloud environment (i.e., an organization using private, public and hybrid clouds), securing those platforms is becoming more difficult. By mixing virtualization tech, differing forms of hardware, a wide variety of connected employee devices, VPN protocols, CDNs to pull/push content, and a growing net of rotating user credentials matched with traffic flowing in from all around the world, you can see why hackers are having such an easy time exploiting protected networks.
It isn’t that hacking is getting more frequent — it has always been there. The difference now is that the companies and organizations being hit are highly public and well known, and the technology now exists to make hacking easy. With the cost of computing power constantly dropping, it is becoming easier and easier for anyone with a connection to learn and cause havoc.
Bay Area Computer Solutions is dedicated to maintaining your network security, protecting your data and keeping your sensitive and secure information from getting into the wrong hands. Click the banner below to sign up for our IT Security Audit – we’ll work with you to find your network’s weak spots before the bad guys do. You can also contact us online or by phone at (650) 887-4601 for more information.
Published on 20th August 2015 by James Berger.