When cybercriminals strike, they rarely do so without a detailed plan in place. They’ve decided on a target, and they’ve selected an attack that promises great rewards with little risk. But how do they reach those decisions? And can you avoid becoming the next object of their unwanted attention?
The secret is in understanding where you’re vulnerable—and then correcting those weaknesses. Take a look at the three phases most hackers go through when outlining and carrying out an attack:
Phase 1 – Planning
Targeting people/users/humans. Bad actors begin target surveillance through website, social media and public records reconnaissance. Company websites readily expose executive bios and contact information to would-be attackers. And on social media sites like LinkedIn, Twitter, Facebook and Instagram, attackers will often leverage usable credentials, usernames, passwords and other breached personal data to search for details that pinpoint an easy or lucrative mark.
Targeting the network/applications/services/machines. Attackers and hackers do the same due diligence when surveilling a target organization or company. They look for any available way to exploit the network infrastructure—scanning for vulnerabilities and revealing weak entry points to breach. If a vulnerability is discovered in a particular area of the network or infrastructure, attackers will then begin to map out and pursue their attack.
Phase 2 – Installation and Exploitation
At this stage, attackers introduce a weaponized file—such as an Excel doc containing malicious macros, or an exploit kit hidden in Adobe or Java—to the vulnerable system or application on the target machine.
The type of malware installed at this point really depends on what the attacker wishes to accomplish. Techniques for privileged access and persistent monitoring are the most common approaches attackers use at this stage.
Phase 3 – Malware Proliferation and Bilateral Control
The attackers now have bilateral control: control of their malicious infrastructure and, more critically, control of the target machine and network. Going forward, attackers have unfettered access to begin propagating malware across the organization’s network, stealing data, seeking a ransom, or attacking an organization’s brand—just to name a few destructive examples.
How to Protect Your Business and Clientele
Given these three phases, it’s important to take stock of where you might be inadvertently leaving yourself, your infrastructure, or your customers’ systems open to potential attack. Ask yourself:
Are you or your clients providing excessive personal or identifying information via website or social media on an insecure network?
Are you and your clients protecting your infrastructures, keeping software updated, and testing for vulnerabilities?
Are you equipped to detect and immediately act on any potential malware infiltrations?
By planning in advance for the worst-case scenarios and taking regular action to identify and prevent weaknesses in your infrastructure or networks, you’ll be best prepared to escape a hacker’s scrutiny.