How They Do It: 5 Tools Hackers Use to Break In
Cybersecurity. Just the word itself brings images of people mashing furiously on a keyboard trying to keep the “bad guys” out of their system, or green program code scrolling at lightspeed across the screen. Shows like NCIS and CSI reinforce this stereotype while also portraying hackers as geniuses capable of breaching NASA in just a few minutes. In reality, the world of cybersecurity is far more boring – but no less dangerous – than the media portrays it.
While it’s best to leave the technical tradecraft to the experts, there is real value in understanding the basics of how these bad actors break into systems. Some of these techniques use various technological methods while others use none at all. Let’s review the five most common methods.
Hackers tend to choose the easiest targets with the highest potential value. They use methods very similar to home burglars – they case the place. Hackers will attempt to gain any publicly available information that gives them a potential advantage, including the CEO’s name and email address, the office’s physical location, number of employees, and much more. Some hackers may even park outside of an office to see if they can get access to the building’s Wi-Fi and perform a network scan to find machines on the network. Once they find something they can take advantage of, they launch their attack.
As the name suggests, phishing is the act of “fishing” for private data. This technique is anything but new, dating back into the 1980s. Phishing became popular during the AOL era wherein hackers would steal usernames and passwords through AOL messenger and email. Today, phishing is far more sophisticated. Bad actors can spoof (masquerade) email addresses to appear as if it is coming from banks, government agencies, or even your own company. Often, they will include a link to a malicious website that looks identical to a real website (e.g. your bank). The email will attempt to get the user to enter their username and password on the fake website and, if the user complies, the hackers now have their credentials. Phishing is the most widely used social engineering technique and, according to one report, every employee will receive 14 malicious e-mails per year on average. That same report stated that 90% of all breaches are the result of a successful phishing attack.
We’ve all been told to use strong passwords and to never reuse them, but most people aren’t sure why it’s important. Most people intuitively understand that a longer password is more secure, but why exactly is a 6-character password weaker than an 8-character password? To fully understand the problem of weak passwords, we have to use a little bit of math.
In the standard English alphabet, there are 26 letters. As a result, a 1-character, lowercase letter password can have a maximum of 26 different combinations. If you were to increase this to a 2-character password, the result is 676 different combinations (26 * 26). For an 8-character password with only lowercase letters, there are over 208 billion combinations. Pretty secure, right?
Wrong. A password that would take a human many lifetimes to guess will take a computer less than a second. Modern computers can enter guesses in the order of billions per second, and a dedicated password cracking machine can guess over ten times quicker. Making your password longer certainly helps. An 8-character password will take seconds to crack while a 9-character password would take more than half a minute, and a 10-character password takes almost 15 minutes. This website calculates how long it takes to crack passwords of various lengths and complexities.
Most businesses have machines on their network that aren’t up to date, whether it’s an older version of Windows or a machine that hasn’t run updates in a few months. These machines are left vulnerable to known exploits that hackers can use to gain access. There are free automated tools that allow hackers the ability to scan an entire network and gives a detailed report of any vulnerabilities found. At that point, it’s only a matter of time before the bad actor takes advantage and exploits the system.
Remote code execution
Once an exploit is found, whether through phishing, password cracking, or vulnerability exploitation, a hacker may then run code remotely on the machine. Depending on the level of access they have obtained, this can result in shutdowns, stolen credentials, or full admin privileges on the machine. Many hackers will then use the machine to infect other machines on the network or may join other machines to infect computers on the internet (known as a “bot”).
While these may be the top five tools hackers use, there are dozens more in use at any one moment. Digital threats are evolving at an alarming rate. Luckily, cyber defenses are evolving just as quickly. If you’d like to learn more about how Zekteck stays one step ahead of hackers to keep your data safe, schedule a demo today!