Monday, August 30, 2010

Few Ways Hackers Break Security & Recommendations

Exploiting Defaults
When you install software or an application, it comes with default settings such as the installation path, passwords, folder names, etc.

Many compliance standards recommend that you avoid this situation. Use the customized installation option as much as possible. Try to avoid installing operating systems into the default drives and folders, don't install applications and other software into their default locations, and change any default passwords.

Man-in-the-Middle Attacks
The man-in-the-middle attack intercepts a communication between two systems. For example, in an HTTP transaction the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into two new connections, one between the client and the attacker and the other between the attacker and the server. Once the TCP connection is intercepted, the attacker acts as a proxy, able to read, insert and modify the data in the intercepted communication.

Protection techniques: avoid clicking on links found in e-mails, and always verify that links from Web sites stay within trusted domains and still maintain SSL encryption. Deploy an IDS (Intrusion Detection System) to monitor network traffic as well as DNS and local systems.
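The "stay within trusted domains and keep SSL" check above, written out as a small link validator. This is an added example, not code from the original post; the allowlist in TRUSTED_DOMAINS is constructed for illustration, and the function also rejects two lookalike tricks (a trusted name placed in the userinfo part of the URL, and a trusted name used as a prefix of a different domain) that a quick visual check of a link tends to miss.

```python
from urllib.parse import urlsplit

# Constructed allowlist for the example; replace with your organization's domains.
TRUSTED_DOMAINS = ("example.com", "bank.example")


def link_is_trusted(url: str, trusted_domains=TRUSTED_DOMAINS) -> bool:
    """Return True only if the link keeps SSL and stays within a trusted domain."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        # Malformed URL (e.g. broken IPv6 brackets): treat as untrusted.
        return False
    # The link must still be SSL-protected.
    if parts.scheme.lower() != "https":
        return False
    # "https://bank.example@evil.test/" puts the trusted name in the userinfo
    # part, not the host; the browser would connect to evil.test.
    if parts.username is not None or parts.password is not None:
        return False
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return False
    # A trusted site is reached by its name, so reject raw IP literals.
    if host.replace(".", "").isdigit() or ":" in host:
        return False
    for domain in trusted_domains:
        domain = domain.lower()
        # Match the domain itself or a subdomain at a label boundary, so that
        # "bank.example.evil.test" and "notbank.example" are both rejected.
        if host == domain or host.endswith("." + domain):
            return True
    return False
```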

Stealing Passwords
Multi-factor authentication is the best and recommended way to protect access. However, many places still depend only on passwords. With the increasing capacity of computers, passwords can be cracked easily using dictionary attacks, brute force attacks and hybrid attacks, to name a few examples. Other factors involve human capacity: as humans we can remember passwords of only a limited length, and as a result people may write their passwords down in different places. Further factors, such as insecure protocols that transfer passwords in clear text, keystroke loggers, shoulder surfing/video surveillance, and reuse of the same password in different places, add to this risk. Password theft, password cracking, and even password guessing are still serious threats to IT.

The best protection against these threats is to deploy multi-factor authentication systems and to train personnel in safe password behavior.


Trojan Horses
A Trojan horse is defined as a "malicious, security-breaking program that is disguised as something benign". For example, you download what appears to be a movie or music file, but when you click on it, you unleash a dangerous program that erases your disk, sends your credit card numbers and passwords to a stranger, or lets that stranger hijack your computer to commit illegal denial of service attacks. A Trojan horse could be delivered via e-mail as an attachment, presented on a Web site as a download, or placed on removable media (memory card, CD/DVD, USB stick, floppy, etc.).

In any case, the protection is automated malicious-code detection tools, such as modern anti-virus systems and other specific forms of malware scanners, together with user training.

Extensive Learning
External hackers learn how to overcome your security barriers by researching your organization. This process can be called reconnaissance, discovery, or footprinting. Ultimately, it is intensive, focused research into all information available about your organization from public and not-so-public resources.
If you've done any research or reading into warfare tactics, you are aware that the most important weapon you can have at your disposal is information. Hackers know this and spend considerable time and effort acquiring a complete weapon store. What is often disconcerting is how much your organization freely contributes to the hacker's weapon stockpile. Most organizations are hemorrhaging data; companies freely give away too much information that can be used against them in various types of logical and physical attacks. Here are just a few common examples of what a hacker can learn about your organization in very little time:
• The names of your top executives and any flashy employees you have by perusing your archive of press releases.
• The company address, phone number, and fax number from domain name registration.
• The service provider for Internet access through DNS lookup and traceroute.
• Employee home addresses, phone numbers, employment history, family members, previous addresses, criminal record, driving history, and more by looking up their names in various free and paid background research sites.
• The operating systems, major programs, programming languages, specialized platforms, network device vendors, and more from job site postings.
• Physical weaknesses, vantage points, lines of sight, entry ways, covert access paths, and more from satellite images of your company and employee addresses.
• Usernames, e-mail addresses, phone numbers, directory structure, filenames, OS type, Web server platform, scripting languages, Web application environments, and more from Web site scanners.
• Confidential documents accidentally posted to a Web site from archive.org and Google hacking.
• Flaws in your products, problems with staff, internal issues, company politics, and more from blogs, product reviews, company critiques, and competitive intelligence services.
A hacker will spend most of their time in information-gathering activities. The more the attacker learns about you, the easier the subsequent attack becomes.
As for defense, you are ultimately at a loss, mainly because it is already too late. Once information is out on the Internet, it is always out there. You can obviously clean up and sterilize any information resource currently under your direct control. You can even contact third-party information repositories to request that they change your information. Some online data systems, such as domain registrars, offer privacy and security services (for a fee, of course). You can also control or limit the output of information in the future by being more discreet in your announcements, product details, press releases, etc.
However, it is the information that you can't change or remove from the Internet that will continue to erode your security.
The only way to manage uncontrollable information is to make changes to your environment so that it is no longer correct or relevant.

Social Engineering

Firewalls, IDSs, IPSs, and anti-malware scanners have made intrusions and hacking a difficult task.
However, the bad news is that many hackers have expanded their idea of what hacking means to include social engineering: hackers are going after the weakest link in any organization's security, the people.
People are always the biggest problem with security because they are the only element within the secured environment that has the ability to choose to violate the rules. People can be coerced, tricked, duped, or forced into violating some aspect of the security system in order to grant a hacker access. The age-old problem of people exploiting other people by taking advantage of human nature has returned as a means to bypass modern security technology.
Protection against social engineering is primarily education. Training personnel about what to look for, and to report all abnormal or awkward interactions, can be an effective countermeasure. But this is only true if everyone in the organization realizes that they are a social engineering target. In fact, the more a person believes that their position in the company is so minor that they would not be a worthwthwhile target, the more they are actually the preferred target of the hacker.


Keeping an eye on new Vulnerabilities

Hackers always keep an eye on the development of vulnerabilities using web search, blogs, etc. The more the hacker can discover about possible attack points, the more likely it is that they can find a weakness you have not patched, protected, or even become aware of. To combat vulnerability research on the part of the hacker, you have to be just as attentive as the hacker.
You have to monitor developments on new vulnerabilities by checking blogs, discussion forums, etc., and you need to watch the third-party security oversight discussion groups and web sites to learn about issues that vendors are failing to make public or that don't yet have easy solutions. These include places like securityfocus.com, US CERT, CVE, etc.

Insider

All too often when hacking is discussed, it is assumed that the hacker is some unknown outsider. However, studies have shown that a majority of security violations actually are caused by internal employees. So, one of the most effective ways for a hacker to breach security is to be an employee. This can be read in two different ways. First, the hacker can get a job at the target company and then exploit that access once they gain the trust of the organization. Second, an existing employee can become displeased and choose to cause harm to the company as a form of revenge or retribution.

In either case, when someone on the inside decides to attack the company network, many of the security defenses erected against outside hacking and intrusion are often ineffective. Instead, internal defenses specific to managing internal threats need to be deployed. This could include keystroke monitoring, tighter enforcement of the principle of least privilege, preventing users from installing software, not allowing any external removable media source, disabling all USB ports, extensive auditing, host-based IDS/IPS, and Internet filtering and monitoring.

Information Security Policy

Every organization should have an IS (information security) policy in place that deals with Risk Management, Crisis Management, Incident Management, etc. These types of policies ensure that you have the right things in the right place.

Having a policy alone won't help you; you should ensure that your organization adheres to those policies. The organisation should have a proper team and department for information security. After all, information is the most vital piece of an organization's success.
