Leveraging the tricks and techniques of hackers for better security


26 May 2017

It may take just 24 hours for a hacker to successfully break into a system and steal target data. But it can take businesses up to 10 months to detect a data breach. In fact, about one-third of attacks are never discovered by the victim company.


Typically, an attack begins with information gathering about a target business or even individual employees and company leaders. The hacker then targets an individual device, whether it is a company-owned endpoint, or a device supported by a business's Bring Your Own Device (BYOD) program.


Once a device has been targeted and infected, the cybercriminal will establish a Command and Control (C&C) server and create a link to the victim network. Then, the hacker will move laterally across the network, seeking out valuable data to send to the C&C server before data is finally extracted. Unfortunately, this may not conclude the attack. If the intrusion remains undetected, new data can continue to be pinpointed and extracted.


This information was garnered by Nuix, an Australian company specialising in creating data-gathering software, through a survey of hackers and white hats at the 2016 DEFCON event in Las Vegas.


Its Black Report also highlighted the growing ineffectiveness of traditional protection such as firewalls and antivirus solutions. According to Nuix, these methods are ‘almost never successful in slowing down a hacker’. Instead, endpoint security is the new tool that can mitigate malicious activities.


Nevertheless, tools based on known attacks are limited in their effectiveness since 50% of cybercriminals frequently change their approaches according to the target. As a result, incursions using previously unseen methodologies have a high chance of success.


Hence, improving cyber security relies on gleaning insights from the processes, methodologies and tools that today's hackers use. Cyber security conferences, such as DEFCON, are important avenues for researchers who, in their efforts to better protect digital information, need to understand hackers’ thoughts and experiences.