As hackers have become more sophisticated and better-funded, many of us find ourselves asking how we can defend ourselves against them. This is a question that will only grow in urgency over time. In this blog post, we want to give you an overview of how hackers work. Not just to show you what they’re capable of but also to help you understand what you can do better to protect yourself from them.
In the movies, hackers usually go on the offensive as soon as the computer is switched on, and after a short while, they get up from their chairs with money/slogans/routing cards in their hands. In reality, however, they proceed carefully and deliberately, and if they want to get into an alien system, they first gather as much information about it as possible. Most of this data collection is done passively, without any contact.
Google and the various social networks can be of great help here: for example, they can find out what hardware the target uses or likes, where they usually go and what they like. It is then easier to identify potential weaknesses in the defenses with all this information. Nmap and other similar tools can be helpful in this regard, as they can help you identify open ports on your network or computers that are not up to date. Once these two phases have been completed, the attack can begin when the hacker tries to get into the target area.
The exact method will depend on the vulnerabilities previously found: it could be using a personalized phishing email to smuggle malware onto the computer or a known vulnerability to install remote access software via a worm program. If it succeeds, you can’t sit back complacently because now comes the real work: ensuring continued access and getting to the highest possible privilege level.
In many cases, you will also install some backdoor that will make your job easier in any future attack, even if the previously used hole is plugged in the meantime. Finally, the last step is to cover his tracks so that neither company nor public sector professionals can find him.