Hackers would love to get their hands on your data, whether you’re a company or individual. Data is a valuable commodity they can sell to the highest bidder – which is sometimes the person they stole it from!
In this article, we’re going to take a look at the latest methods hackers are using to get access to data. It’s not pretty, but you need to know it anyway so that you can avoid it in the future.
Brute Force Attacks
Today’s digital security still relies almost entirely on passwords. We’ve experimented with fingerprint scanners and iris recognition. But for sheer convenience, nothing beats the old-fashioned password.
The problem with passwords, however, is that some people take the notion of convenience too far. Convenience means protecting your accounts with the shoddiest passwords imaginable such as “123456” and “password.”
These passwords aren’t good enough. If you’re using them, stop.
Spidering is the practice of finding concepts related to an individual or business and then combining these in patterns to form passwords.
So, for instance, you might have a company called “Happy Drains” which has a bunch of portals for its members of staff online. Usually, a company like this will choose a password related to its name (bad idea) and combine it with another relevant piece of information.
The password for the company intranet might be something like “Drains2009” based on the fact that the company is called Happy Drains and was established in 2009. All the hacker has to do is mash various facts about the company together in a variety of ways and try them out. No, it doesn’t always work, but you’d be surprised by how often it does.
At the University of Alabama Birmingham, they teach students digital forensics. The objective of digital forensics is to find out how a cybersecurity breach happened and what went wrong. One of the least sophisticated ways of doing this is, you’ll be surprised to learn, asking people directly for their passwords.
Most people choose convenience over security. If handing over a password to get something done gets them to their objective faster, it’s hard for them to resist. Hackers will often engineer situations in which a person becomes convinced that the only way to solve the problem is to hand over their private password information. And therein lies the problem. People are too willing to give out private, sensitive information which can compromise their digital security.
Phishing is similar to social engineering but usually happens in email form. The hacker sends the victim what looks like a legitimate email with a link to a copy-cat site where they enter their personal information. The hacker then collects the data and uses it to log into their real account, causing all kinds of havoc.
The good news is that hacking is becoming more demanding thanks to more sophisticated antivirus software. But no software in the world can protect you if you voluntarily hand over password details. That’s the big problem that companies and individuals still need to tackle.