Hacking Strategies and Online Security Measures - Research Proposal Example

Summary
This paper “Hacking Strategies and Online Security Measures” is aimed at identifying the various ways hackers use to penetrate computer systems, with the particular focus on the use of malware, social engineering tactics, cyberespionage, and advanced persistent threats (APT)…

Extract of sample "Hacking Strategies and Online Security Measures"

HACKING STRATEGIES AND ONLINE SECURITY MEASURES

Table of Contents
Introduction
Hacking Strategies
  Malware
  Social Engineering
  Cyberespionage
  Advanced Persistent Threats (APT)
Measures Used to Mitigate Hacking
Conclusion
References

Introduction

Hacking computer systems has become almost common practice in the modern business world, with the media reporting hacking incidents on an almost weekly basis. This is a serious internet security problem, which has been escalated by highly sophisticated hackers who have been able to use greater knowledge and advanced techniques to gain unauthorized access to almost any type of computer system on a global scale. Hackers have different intentions when they attempt to intrude into information systems, including financial gain, malicious intent (for example, former employees of a company from which they were fired), or even challenging the security status of a system (Perrault 2015), not to mention ethical hacking, which is meant to identify security loopholes in a particular system and take corrective measures (Verma, Pathak, Bathini, & Pereira 2014). Regardless of the intention of the hacker, hacking strategies are advancing by the day, meaning that organizations, whether business, governmental, or otherwise, face bigger security threats every day. However, security experts are making appreciable efforts to come up with advanced ways to deal with these security threats as they become more and more sophisticated.

This essay is aimed at identifying the various ways hackers use to penetrate computer systems, with particular focus on the use of malware, social engineering tactics, cyberespionage, and advanced persistent threats (APT). Focus also lies on the analysis and evaluation of the various methods and systems that are used as protective measures against hacking.

Hacking Strategies

As the introductory part mentions, this essay focuses on four main hacking strategies: the use of malware, social engineering tactics, cyberespionage, and advanced persistent threats (APT). These strategies are considered separately in the following four subsections of this chapter.

Malware

Malware (malicious software) is one of the common ways that hackers use to access computer systems. There are different kinds of malware, including viruses, worms, and spyware among others, all of which can be installed in both private and public computer systems to access private information and use it for malicious purposes, most commonly for financial gain. In the most recent attacks, hackers are using malware to attack some of the most vulnerable organizations, especially banks (owing to their exclusive money transactions). In one of the most recent attacks, details of which have been uncovered by Kaspersky Lab (a Russian cyber security company), the malware used to attack banks has been said to be one of the most sophisticated malware-based attacks ever (Peralta 2015).

The attack has been described to work as follows. First, hackers phish the employees of the bank, which involves the acquisition of their usernames, passwords, and other information necessary to have access to the system, which makes it possible for them to install the malware on the computers inside the banks. As a result, employees’ computers are infected. After infection, the hacker uses the malware to keep monitoring the system until it finds an administrator, masters his keystrokes, and records them on the hacker’s screen. Now that the administrator login information has been accessed, the hacker has access to the bank’s system and can transfer large sums of money from the bank. This has taken place mostly in Russia, but also in the Netherlands, the United States, Switzerland and Japan (Sanger & Perlroth 2015).
One would note that the targeted countries are the same countries with the most advanced security systems, after which one might wonder what makes them vulnerable. That, however, will be considered later. The hackers make sure that the money is untraceable by transferring it to fake accounts in other countries. The hackers were also found to use another trick with the same administrator information they steal. They would instruct ATMs to dispense cash at certain instances, where a conspiring agent would collect it from the ATM. They also made sure that they took enough time between the infection and the cash-out as a way of making sure that they left no trail. Thanks to Kaspersky Lab, pieces of the hackers’ code were found installed in numerous ATMs, where banks had lost millions of dollars, even though no bank has opened up about the losses.

Social Engineering

Social engineering is another strategy that hackers use to access sensitive information about a computer system in which they are interested. Traditionally, measures to fight hacking have been directed towards the technical dimension, focusing on strategies to fight malware, cyberespionage, and APT among other technology-based hacking tactics. However, modern times and the need to advance have seen hackers devise new ways to gain control of sensitive systems and the information within, which use psychological manipulation (Berti 2003).

This is best presented using an example. If a consultant comes into a small software engineering firm notifying security agents and IT staff that the president hired him to examine the progress of the new project, he would have to be extremely convincing. In most cases, no one senses anything illegitimate about such a person. Why would anyone? In addition, the consultant is dressed well, speaks eloquently, shows great confidence, and talks about some information only a few people know on the outside.
A number of engineers give him the blueprint of the new project, he has lunch with department heads, and leaves. A few weeks later, a market rival of this firm comes up with a product exactly the same as the new project, which the small firm has been working on for more than a year. The consultant did not ask for any login information and did not use any software or hardware, but acquired all the information he required to steal the project from the firm, of course, for the subsequent financial gain.

This is what is referred to as social engineering. It employs a wide range of tactics, including confidence tricks, coercion, pretexting and baiting among others, all of which amount to psychological manipulation of the subject (Hadnagy 2011). Confidence tricks involve the exact kind of scenario that has been described in the example above, where the hacker makes the victim believe in the masked legitimacy he presents and, as a result, the victim divulges all the information needed (Kennedy & Parsons 2014). With coercion, the hacker uses threats and other coercive measures to drive information out of the subject. Pretexting (also known as blagging) involves using an invented scenario, to which the victim is subjected in an effort to maximise his chances of disclosing sensitive information, which would be impossible under normal circumstances. There are various other tactics that hackers use, which also employ manipulation, although some recent ones have integrated some technological elements, such as baiting and phone phishing.

Cyberespionage

Hackers have also adopted the practice of obtaining sensitive personal, corporate, or government information using both malware (mostly Trojan horses and spyware) and computer system cracking techniques. It has been known to be the most pervasive form of hacking, which cuts across corporations and governments in what is referred to as cyber warfare, with the worst aggressors being argued to be China and Chinese companies.
Hackers are used to access this information for business, political, personal, or even military purposes. This is a form of espionage that mainly involves access to corporate and government secrets, or using cracking techniques and spyware to take control of large computer systems (Lord & Mauriello 2014). In recent times, it has even adopted the approach of monitoring public activity on social media sites in an attempt to access information that is potentially harmful to the victim through sabotage. Ethical questions have continued to arise with respect to this practice because it is often supported by the highest levels of government on the part of the aggressor and opposed by the victim.

China has been argued to exploit cyberspace with ill intentions against the United States and other western countries, and the US names it as the largest cyber warfare threat. At present, there are two major tactical approaches said to be used by China: Stuxnet, a virus used to spy on computer systems, and IP hijacking. Stuxnet is known to have originated from the United States and Israel as a form of malware to spy on Iran’s nuclear operations (Halliday 2010). Stuxnet, therefore, worked in the same way as the malware described earlier, used by Russian hackers to steal bank information. On the other hand, IP hijacking is allegedly used by the Chinese to redirect routing information through China. This technique apparently scans through routing tables after rerouting them through the aggressor’s networks, after which the information is analysed and used to the benefit of the aggressor. Owing to the massive volumes of data that are stolen, the magnitude and expansiveness of the computer systems hacked, and the immense sensitivity of this information, cyberespionage has become the most critical form of hacking.

Advanced Persistent Threats (APT)

An advanced persistent threat, denoted APT, involves a series of covert and incessant system hacking processes, usually propagated by human culprits, targeting organisations or systems of government for corporate and/or political purposes. The use of APT necessitates a secret approach to hacking and takes place over a prolonged period, in which the hacker takes great caution (Friedberg, Skopik, Settanni, & Fiedler 2015).

An understanding of the three dimensions of this approach is necessary. First, the advanced part indicates that the hacker uses sophisticated techniques that utilise different types of malware to take advantage of security vulnerabilities in computer systems. The persistent part means that a computer system that is externally installed continues to monitor traffic, extracting data continuously from the victim. The threat aspect depicts the contribution of a human aggressor (Cole 2012). This form of hacking is similar to cyberespionage in that it involves high levels of internet-powered surveillance and immense cyber threats. In addition, it utilises some extent of social engineering, which makes it an integrated form of hacking. It is integrated in the sense that it utilises malware, social engineering, and cyber-attacks.

Technically, APT works as follows. First, it uses a social engineering or phishing act to infect the targeted computer system. The social engineering act may involve the use of a social network that employees visit, on which they are lured to enter sensitive data. The next step involves the installation of remote administration software on the computer network of the target, which is followed by the installation of network backdoors that the hacker uses to access the network. This is followed by further exploitation of network vulnerabilities, cracking passwords, and acquiring secret administrative rights (Xenakis & Ntantogian 2014).
With these rights, the hacker now continues to gather sensitive information from the underlying infrastructure. This information makes it possible for the hacker to explore other servers and network equipment, extending operations into them. Having achieved this, he gains enduring control over the entire system (or a large part of it) and, finally, steals the sensitive data he requires from the system (mission accomplished!).

Measures Used to Mitigate Hacking

The hacking threats that have been discussed above are highly complex because the hacking strategies used are extremely sophisticated. This necessitates not equally, but much more, sophisticated mitigation strategies. As such, this chapter discusses and critiques some of the mitigation strategies that organisations and governments have put, and are putting, in place to counter hacking.

Beginning with the malware problem, it has been established that governments and authorities have resorted to giving hackers “a taste of their own medicine” by using the same tactics that hackers use, only more sophisticated. One of the best examples that one can give in this regard is the combination of cyber weapons that is currently being used by the Canadian government, or so leaked classified documents indicate. The cyber weapons are being used by the government, allegedly in collaboration with the NSA, to collect intelligence while spying on other governments and destroying their adversary infrastructure. The primary surveillance agency in Canada, the Communications Security Establishment (CSE), has been said to use a wide range of strategies to shield the government and other entities that fall under hack threats in its efforts to stop the attacks (Ellison 2015). The CSE has been said not only to come up with its own hack attacks but also to destroy those of rival organizations and governments.
It also uses social engineering propaganda and taps into people’s mobile phones and connected computers in an effort to detect any hacking activity. It is also sensitive to the fact that numerous websites have been used by hackers not only to steal sensitive data but also to facilitate the installation of malware on private computers. To this end, another approach the Canadian government is argued to use is Quantum malware, supposedly borrowed from the NSA, to steal data from companies, individuals, and governments around the world, which it uses as part of its gathered intelligence (Ellison 2015).

While the approach adopted by the Canadian government may work well in the technical sense, it may end up demonstrating the same practice that hackers engage in: stealing information and infiltrating the privacy of people, organisations, and governments. However, one would agree that every government or corporate entity seeks to protect its own turf even though that means hacking practice should never end or become fully ethical, which is why the CSE has not yet accepted to make any comment on the matter.

Many organisations are usually involved in the use of ethical hacking. This is a strategy that involves the deployment of a hacking team, which is charged with the responsibility of identifying vulnerabilities in the existing computer system that could expose the organisation or government to hackers. Following this proactive approach, the hackers can come up with strategies to cover the loopholes identified. This ethical approach is appreciated and should be used even by public authorities, including governments, as opposed to the use of intrusive strategies, such as the one adopted by the Canadian government.

In an effort to deal with the threat of cyberespionage, organisations have adopted the use of anti-malware, such as Kaspersky Lab, which makes it possible to identify various command-and-control domains as well as IP addresses, which can then be blocked, thereby preventing further surveillance from those domains. Secrecy in protection has also been found to be a strong tool to protect an organisation. In this regard, organisations are currently adopting secret protection programs, in which they integrate secret security technologies that are difficult for many hackers to penetrate (Shackelford 2014). In addition, at the government level, it is important to shield local organisations from attacks by integrating trade secrets into existing IT technologies and systems, which makes it difficult for social engineering attacks to penetrate.

APT is possibly one of the most difficult hacking threats to deal with, owing to the vastness of malicious software variations, which runs into the millions. It has been noted that APT attacks are extremely difficult to detect because they are covert and highly cautious. However, their command-and-control traffic is possible to track at layer 4 of most computer networks. For this reason, it is advisable to use deep analysis of log traffic as well as the ways in which different logs correlate, which makes it possible to establish different physical and technical concepts, such as the locations from which the logs were made and by which administrator. This takes into account the fact that administrator passwords and usernames can be stolen by hackers, which also happens at the network layer (Cole 2012). Also important to note is that hacker traffic can hardly be registered as noise, which makes it difficult to detect at this layer. However, there are log correlation tools available that can be used to filter out traffic from authorised users, thereby making it possible to identify the locations from which malware was installed.
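
The log correlation described above can be sketched as follows. This is an added example, not part of the original essay: it baselines the source address each administrator normally logs in from, flags a login from an unseen source, and correlates it with layer-4 flow records from the accessed host. The log formats, the field names and the 10.0.0.0/8 internal range are assumptions, and all log lines are constructed.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumption: site address space

# Constructed administrator authentication log (hypothetical format).
AUTH_LOG = """\
2015-03-02T08:01:12 admin=alice src=10.0.5.21 host=10.0.1.10
2015-03-03T08:03:40 admin=alice src=10.0.5.21 host=10.0.1.10
2015-03-04T09:15:02 admin=bob src=10.0.5.30 host=10.0.1.11
2015-03-09T08:00:55 admin=alice src=10.0.5.21 host=10.0.1.10
2015-03-10T02:14:07 admin=alice src=10.0.7.99 host=10.0.1.10
2015-03-10T09:20:31 admin=bob src=10.0.5.30 host=10.0.1.11
"""

# Constructed layer-4 flow records (hypothetical format).
FLOW_LOG = """\
2015-03-10T02:10:00 src=10.0.1.10 dst=10.0.1.11 dport=5432 bytes=1200
2015-03-10T02:16:40 src=10.0.1.10 dst=203.0.113.50 dport=443 bytes=48211900
2015-03-10T02:40:12 src=10.0.1.10 dst=203.0.113.50 dport=443 bytes=51900233
2015-03-10T09:25:00 src=10.0.1.11 dst=198.51.100.7 dport=443 bytes=3100
2015-03-10T11:00:00 src=10.0.1.10 dst=203.0.113.50 dport=443 bytes=900
"""

def parse(log):
    """Turn 'timestamp key=value ...' lines into dicts with a datetime 'ts'."""
    events = []
    for line in log.strip().splitlines():
        ts, *pairs = line.split()
        event = dict(p.split("=", 1) for p in pairs)
        event["ts"] = datetime.fromisoformat(ts)
        events.append(event)
    return events

def unusual_admin_logins(auth_events, cutoff):
    """Learn each admin's usual sources before cutoff; flag later logins from others."""
    baseline = defaultdict(set)
    flagged = []
    for e in sorted(auth_events, key=lambda e: e["ts"]):
        if e["ts"] < cutoff:
            baseline[e["admin"]].add(e["src"])
        elif e["src"] not in baseline[e["admin"]]:
            # An admin with no baseline at all is flagged too.
            flagged.append(e)
    return flagged

def correlate(flagged, flows, window=timedelta(hours=1)):
    """Attach outbound external flows from the accessed host to each flagged login."""
    findings = []
    for login in flagged:
        hits = [f for f in flows
                if f["src"] == login["host"]
                and login["ts"] <= f["ts"] <= login["ts"] + window
                and ipaddress.ip_address(f["dst"]) not in INTERNAL_NET]
        findings.append({
            "admin": login["admin"],
            "login_src": login["src"],
            "host": login["host"],
            "external_dsts": sorted({f["dst"] for f in hits}),
            "bytes_out": sum(int(f["bytes"]) for f in hits),
        })
    return findings

def run_example():
    flagged = unusual_admin_logins(parse(AUTH_LOG), datetime(2015, 3, 10))
    return correlate(flagged, parse(FLOW_LOG))

if __name__ == "__main__":
    for finding in run_example():
        print(finding)
```

Neither log is conclusive alone: the login used valid credentials and the flows are ordinary HTTPS, but together they tie an out-of-pattern administrator session to a large outbound transfer.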

With regard to the social engineering threats, designing the physical infrastructure of networks and the buildings housing them would be a viable option. In addition, training employees on how to detect social engineering tactics is an ultimate solution.

Conclusion

This essay may not exhaust all the approaches and techniques that hackers use to penetrate different computer systems. However, the above four have been found to be intensely propagated in recent times, meaning that they are the most utilised by hackers in recent years. As such, strategies to deal with them are the direst in current times, which necessitates their review. This essay, quite importantly, notes that a combination of both social and technical strategies is used by hackers. This makes it necessary to use the same combination in dealing with the hackers’ strategies. Having mentioned that, organisations and governments should consider ethical hacking as the ultimate and sustainable strategy, as opposed to the intrusive strategy adopted by the Canadian government.

References

Berti, J 2003, Social engineering: The forgotten risk. Canadian HR Reporter 16.13, 21, 23.
Cole, E 2012, Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization. Syngress, Burlington.
Ellison, K 2015, Canada’s “secret hacking tactics” exposed in new report. Retrieved Mar 26, 2015, from We Live Security: http://www.welivesecurity.com/2015/03/24/canadas-secret-hacking-tactics-exposed-new-report/
Friedberg, I., Skopik, F., Settanni, G., & Fiedler, R 2015, Combating advanced persistent threats: From network event correlation to incident detection, Computers & Security Vol. 48, 35-57.
Hadnagy, C 2011, Social Engineering: The Art of Human Hacking, Wiley, New York.
Halliday, J 2010, Stuxnet worm is the work of a national government agency. Retrieved March 26, 2015, from The Guardian (London): http://www.guardian.co.uk/technology/2010/sep/24/stuxnet-worm-national-agency
Kennedy, A.-M., & Parsons, A 2014, Social engineering and social marketing: why is one "good" and the other "bad"? Journal of Social Marketing 4.3, 209-198.
Lord, R., & Mauriello, T 2014, Cyberespionage by Chinese military targeted Pittsburgh-area businesses, officials say. McClatchy - Tribune Business News [Washington] 19 May.
Peralta, E 2015, Report: Using Malware, Hackers Steal Millions From Banks. Retrieved Mar 26, 2015, from NPR News: http://www.npr.org/blogs/thetwo-way/2015/02/16/386739804/report-using-malware-hacker-steal-millions-from-banks
Perrault, M 2015, 2015 Cyberattack Threats Lurk For Stock Exchanges, Law Firms Hospitals also a target as cybercriminals eye electronic health data. Investors Business Daily [Los Angeles] 02 Jan.
Sanger, D. E., & Perlroth, N 2015, Bank Hackers Steal Millions via Malware. Retrieved Mar 26, 2015, from New York Times: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html
Shackelford, S. J 2014, Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace, Cambridge University Press, Cambridge, MA.
Verma, V., Pathak, A. A., Bathini, D. R., & Pereira, A 2014, EnterAll InfoSec Solutions: Growing an Ethical Hacking Business. Richard Ivey School of Business Case Collection, suppl. 9B14M152: EnterAll InfoSec Solutions: Growing an Ethical. (Dec 09), n/a.
Xenakis, C., & Ntantogian, C 2014, An advanced persistent threat in 3G networks: Attacking the home network from roaming networks, Computers & Security 40, 84-94.