Happy Valentine’s Day 2019

Happy Valentine’s Day 2019

R9B
Feb. 14, 2019

Those who have seen or fallen victim to the effects of a data breach may think cybercriminals simply don’t care. But for hackers whose hearts are as black as their hats, there is a long list of items and actions that tickle their fancy. This Valentine’s Day, we can all work together to make sure cybercriminal affection goes unrequited.

HERE ARE 10 THINGS CYBERCRIMINALS LOVE:

  1. Phishing – An old standby. Formally called Business Email Compromise, criminals try to get victims to click on a link or open a malicious attachment. Be sure to double check sending addresses and forward anything fishy to your security team.
  2. Weak passwords – We all know Password123 just won’t cut it. Hackers can guess those kinds of passwords in an instant. Try stringing together random words and numbers to strengthen those credentials. Something like rabbitelfdetroitnachos3! would take about 10 *octillion* years to crack! Pro-tip: Be sure to change those default passwords on home routers and other internet-connected devices.
  3. Malware – Hackers love to simplify, automate, and outsource processes. If they can get you to install malicious software for them, say a bitcoin miner or keylogger, all the better. Be sure to check with your security team prior to installing any programs. Pro tip: When opening attachments, do not enable macros unless you are sure the sender and document are trustworthy.
  4. Ransomware – The goal of this software is to quickly encrypt important files and demand payment to unlock them. One of the most critical cases came in 2017 when some hospital operations throughout the English National Health Service ground to a halt. When it comes to ransomware, an ounce of prevention is worth a pound of cure.
  5. Open ports – One of the first signs of an impending cyberattack is a port scan. Hackers will quietly search for important ports left open in attempt to gain foothold in the network. With 65,535 TCP ports and the same number of UDP ports, opening and closing them requires careful planning by security teams.
  6. Lateral movement in networks – When hackers get into a network, their next objective is to conduct reconnaissance – have a look around at files ripe for the picking. Security teams can limit this by designing networks in ways that limit lateral movement. Compartmentalizing critical operations functions like finance from administrative and other front-line systems is a great first step.
  7. Slow and steady operations – Hackers are sneaky. They use tools designed to make minimal noise. On average, advanced persistent threats are able to exist on systems for about six months without being noticed. That time is spent stealing data and possibly doing harm to the systems themselves. Threat hunting is a proactive means of finding even the most elusive hackers and shutting down attacks.
  8. Weak encryption – There are many ways in which encryption is used to secure both files at rest and in transit from one user to another. Fortunately for individuals, web browsers have made it easy to distinguish between sites using proper encryption and those lacking it. Most browsers display a green lock symbol when a site is using encryption. That means data can be safely entered and transmitted without fear of interception. Sites without the lock symbol should be visited with special care.
  9. Exfiltrating important data – This is the motherlode. One of the main goals of a cybercriminal is to steal valuable data. Individual information, health records, credit card numbers, banking info, it’s all on the menu. Security teams should use tactics like separation of information in databases and encryption both at rest and in transit.
  10. Covering their tracks – A hacker’s job is not over with the theft of valuable data. In order to ensure they get away with their crime, they need to cover their tracks. They do this by using VPNs, routing data through onion-type servers, and even manually changing logs to make it look like nothing out of the ordinary has happened. When security teams recognize signs of a breach, the clock is on to call in an experienced digital forensics and incident response expert to limit damage and help maintain normal business operations.
Cybercriminals are patient and persistent, which can make stopping them all the more challenging. We hope by knowing what to watch out for and what these hackers will use to get what they want, you can guard your most precious assets.
If you suspect hackers have their hearts set on your network, contact us today.

R9B ORION is the most advanced Threat Hunting (HUNT) platform commercially available. ORION uses an agentless algorithm to determine the presence of network intruders, empowering security teams to monitor activity, collect evidence, conduct real-time, remote forensics investigations, and eliminate unauthorized parties from networks and systems before they can do harm.

R9B ORKOS is a powerful tool for analyzing credential strength across an entire organization, with stunning graphical representation of network connections. ORKOS can quickly identify dangerous paths of escalation and provide security teams with recommendations for remediation.

R9B also offers an advanced penetration test, the Attack Surface Baseline, which takes into account contextual factors of an organization, ranks system criticality, and provides a complete report of vulnerabilities with recommendations for improving security. Whether seeking compliance with standard frameworks or in need of a thorough ‘current state’ model of the network, the R9B ASB is the best choice for assessing and improving security posture.