Amazing Hacking App

Author: Martin Voelk
March 24, 2015

Enjoy ­čÖé

Share

March 19, 2015

A very interesting and slightly worrying article from CNN Money. We are dealing with the tip of the iceberg. It’s well known that only a fraction of actual security breaches and hacking activities make it into the news and media. Imagine how many corporations are silently infiltrated and hacked for years without even knowing about it. Scary article.

http://money.cnn.com/2015/03/13/technology/security/chinese-hack-us/

Share

How do Hackers attack?

Author: Martin Voelk
December 9, 2014

We often get asked by our clients, where are those hackers who are behind attacks and how do they disguise themselves? Well, to answer this question it would probably take weeks or even months. Let’s try to put this into a little blog post.

There are 3 categories of individual attackers

The security aware hackers

Those are the guys who know how to cover tracks and disguise themselves. A lot of those guys route their attacks through different countries, the TOR network (an anonymous Network which conceals the real source IP) and compromise weak systems. What are weak systems? Typically schools where teachers with very limited or no IT Security knowledge are responsible for the server maintenance. We had 5 cases recently where corporate clients in the US have been attacked and the forensics revealed that they hacked numerous grammar schools in Europe, installed their tools there and used this to attack. Tracking down those attackers is often hard or impossible.

The stupid hackers

Those are guys who sit in Western countries and start running attack scripts (mainly young teenagers) who are only able to run automated freeware tools. Then they are surprised if law enforcement knocks on their doors.

The hackers who sit outside Western legislation

Not every attacker has to be worried getting caught. Actually a lot of the attacks source from countries which do not cooperate with Western law enforcement or where countries have bad relationships with the United States, European Union or other Western countries. Just to name a few countries where attacks on Western systems will likely not result in any problems for the attackers: China, North Korea, Russia, Syria, Iraq, Afghanistan, Yemen, Sudan, Cuba, Nicaragua, Ecuador, Bolivia, Venezuela and many more in Africa and Asia.

Our customers often get frustrated when we have to tell them that the attacker likely┬áresides outside their home country and even if they involve law enforcement, chances are next to nothing to actually prosecute the attackers. We recommend to be pro-active instead of re-active. Getting your security tested by us and deploy countermeasures is a lot cheaper than waiting for an attack and then firefighting it. The question for any business is not IF an attack is gonna happen….then question is WHEN

Share

November 30, 2014