The company Fluid Attacks, dedicated to the identification of vulnerabilities in business computer systems, analyzed some of the practices that “hackers” follow when entering a network access and made a proposal identifying the attackers’ mentality and actions, so that companies can protect themselves effectively.
The study revealed that hackers tend to use two mentalities to which specific actions are linked when carrying out their attacks:
- Exploration: Mainly, hackers aim to identify vulnerabilities, showing patience and determination, as well as cunning and curiosity. Therefore, they obtain technical details of the objective, limitations in the system, and create a list of possible controls and data. After detecting many of the system failures, human error also comes into the crosshairs of hackers. Through deception techniques, they would be able to access credentials and enter the system. Then they scan and test, and unauthorized access is facilitated by the vulnerabilities they detect. From small mistakes, they can open even bigger holes.
- Operating:After having defined the possible avenues of attack, the hackers are in charge of gaining access to the system. From there, they extract information, abuse privileges and reach other domains through lateral movements. Already in the final stage, hackers try to stay in the system, while they go unnoticed, to carry out future attacks. The usual thing is that they erase the traces and all evidence to avoid being detected.
In relation to the above, Fluid Attacks proposed six actions that companies can follow to protect themselves from cyberattacks:
1) Involve cybersecurity experts, whether internal or external, in business procedures. Some organizations rely on external organizations to penetrate their software and thus discover its vulnerabilities. It is recommended that penetration tests be carried out from the beginning of the construction of the applications, in order to deliver more secure technology to the users.
2) Dofootprinting(collection of information on the web) regularly, review systems and discover their weak points in a comprehensive way.
3) Educate employees on data handling policies and techniques malicious hackers could use to mislead you.
4) Have a defined vulnerability remediation strategy that allows to offer secure applications.
5) Monitor all possible access routes to block them before they are compromised.
6) Keep vigilant on suspicious events and ensure that control and monitoring systems are kept up to date.
“To effectively combat cybersecurity risks, companies need to understand the mindset of those who could become their intruders. It is important that the people who are in charge of organizations follow an open and flexible stance to identify problems from different angles. By observing the systems through the eyes of a criminal, the weak points can be better identified and from there create defenses ”, explained Felipe Gómez, LATAM Manager of Fluid Attacks.
In research, published by the MIT Sloan Management Review, 23 experienced hackers were surveyed to assess their behavior. Among its most notable characteristics, the authors highlighted high intellectual capacity, extensive computer knowledge and the tendency to enjoy the fact of taking risks. When it comes to cybercriminals, they reported being attracted to the idea of making millions of dollars from their cyberattacks.
“Knowing how a hacker thinks and acts helps to identify his behavior patterns. Studying the attacks that have been received or that are known serves to educate and prepare a company in the field of cybersecurity. This can especially help its engineers and developers to create safe technology and have plans to prepare for possible future events, greatly reducing risk levels, ”concluded Gómez.
.