Monday, June 10, 2013

Ten Ways Hackers Breach Security

Hacking, cracking, and cyber crimes are hot topics these days and will continue to be for the foreseeable future. However, there are steps you can take to reduce your organization's threat level. The first step is to understand what risks, threats, and vulnerabilities currently exist in your environment. The second step is to learn as much as possible about the problems so you can formulate a solid response. The third step is to intelligently deploy your selected countermeasures and safeguards to erect protections around your most mission-critical assets. This security training white paper discusses ten common methods hackers use to breach your existing security.

Security experts have been discussing the problems with password security for years. But it seems that few have listened and taken action to resolve those problems. If your IT environment controls authentication using passwords only, it is at greater risk for intrusion and hacking attacks than those that use some form of multifactor authentication.

The problem lies with the ever-increasing ability of computers to process larger amounts of data in a smaller amount of time. A password is just a string of characters, typically only keyboard characters, which a person must remember and type into a computer terminal when required. Unfortunately, passwords that are too complex for a person to remember easily can be discovered by a cracking tool in a frighteningly short period of time. Dictionary attacks, brute force attacks, and hybrid attacks are all methods used to guess or crack passwords. The only real protection against such threats is to make very long passwords or use multiple factors for authentication. Unfortunately, requiring ever longer passwords ends up reducing security because of the human factor. People simply are not equipped to remember numerous long strings of chaotic characters.

But even with reasonably long passwords that people can remember, such as 12 to 16 characters, there are still other problems facing password-only authentication systems. These include:

People who use the same password on multiple accounts, especially when some of those accounts are on public Internet sites with little to no security.
People who write their passwords down and store them in obvious places. Writing down passwords is often encouraged by the need to frequently change passwords.
The continued use of insecure protocols that transfer passwords in clear text, such as those used for Web surfing, e-mail, chat, file transfer, etc.
The threat of software and hardware keystroke loggers.
The problem of shoulder surfing or video surveillance.

Password theft, password cracking, and even password guessing are still serious threats to IT environments. The best protection against these threats is to deploy multifactor authentication systems and to train personnel regarding safe password habits.
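The following is an added example, not part of the original white paper: a defender-side audit sketch that reports which of the dictionary, hybrid, or brute force attacks named above would recover a candidate password most cheaply. The wordlist, the substitution table, and the guess rate of 10^10 per second are constructed assumptions.

```python
import re

# Constructed sample wordlist; a real audit would load a large dictionary.
WORDLIST = {"password", "dragon", "summer", "welcome", "monkey"}
# Reverse common character substitutions before the dictionary lookup.
LEET = str.maketrans("0134578@$!", "oleastbasi")
# Assumed offline guess rate (not a figure from the article).
GUESSES_PER_SECOND = 1e10
PAD = re.compile(r"[\d\W_]*")  # digits/symbols added around a word


def charset_size(pw):
    """Alphabet size a brute-force search must cover for this password."""
    classes = ((r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10),
               (r"[^a-zA-Z0-9]", 33))  # 33 = printable ASCII symbols + space
    return sum(n for pattern, n in classes if re.search(pattern, pw))


def brute_force_years(pw):
    """Years to exhaust the whole keyspace at the assumed guess rate."""
    return charset_size(pw) ** len(pw) / GUESSES_PER_SECOND / (365 * 24 * 3600)


def weakest_attack(pw):
    """Name the cheapest of the three attack classes that would recover pw."""
    if pw in WORDLIST:
        return "dictionary"
    low = pw.lower()
    # Hybrid: a dictionary word with case changes, character substitutions,
    # and/or digits and symbols added before or after it.
    for i in range(len(low)):
        for j in range(i + 1, len(low) + 1):
            core = low[i:j]
            if (PAD.fullmatch(low[:i]) and PAD.fullmatch(low[j:])
                    and (core in WORDLIST or core.translate(LEET) in WORDLIST)):
                return "hybrid"
    if brute_force_years(pw) < 1:
        return "brute force"
    return "none of these"


if __name__ == "__main__":
    for sample in ("dragon", "Summer2013", "p@ssw0rd1!", "qzx7", "vT9#kLm2$Qx7!pRz"):
        print(f"{sample!r}: {weakest_attack(sample)}, "
              f"{brute_force_years(sample):.2e} years to exhaust")
```

A result of "none of these" only means the password survived these three checks at the assumed rate; it says nothing about reuse, keystroke loggers, or clear-text protocols, which the list above covers.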

A Trojan horse is a continuing threat to all forms of IT communication. Basically, a Trojan horse is a malicious payload surreptitiously delivered inside a benign host. You are sure to have heard of some of the famous Trojan horse malicious payloads such as Back Orifice, NetBus, and SubSeven. But the real threat of Trojan horses is not the malicious payloads you know about, it's the ones you don't. A Trojan horse can be built or crafted by anyone with basic computer skills. Any malicious payload can be combined with any benign software to create a Trojan horse. There are countless ways of crafting and authoring tools designed to do just that. Thus, the real threat of Trojan horse attack is the unknown.

The malicious payload of a Trojan horse can be anything. This includes programs that destroy hard drives, corrupt files, record keystrokes, monitor network traffic, track Web usage, duplicate e-mails, allow remote control and remote access, transmit data files to others, launch attacks against other targets, plant proxy servers, host file sharing services, and more. Payloads can be grabbed off the Internet or can be code written by the hacker. This payload can then be embedded into any benign software to create the Trojan horse. Common hosts include games, screensavers, greeting card systems, admin utilities, archive formats, and even documents.

All a Trojan horse attack needs to be successful is a single user to execute the host program. Once that is accomplished, the malicious payload is automatically launched as well, usually without any symptoms of unwanted activity. A Trojan horse could be delivered via e-mail as an attachment, it could be presented on a Web site as a download, or it could be placed on removable media (memory card, CD/DVD, USB stick, floppy, etc.). In any case, your protections are automated malicious code detection tools, such as modern anti-virus protections and other specific forms of malware scanners, and user education.

Nothing makes attacking a target network easier than when that target is using the defaults set by the vendor or manufacturer. Many attack tools and exploit scripts assume that the target is configured using the default settings. Thus, one of the most effective and often overlooked security precautions is simply to change the defaults.

