Security is a quickly evolving part of technology. As hackers become smarter and their tactics evolve, so must security measures to keep data safe. Recently, in the news, an L.A. hospital is cited to have paid millions of dollars in ransom money to keep hackers from distributing data they had reached. This is just one example of the way hackers’ tactics are evolving. Here are 10 more things hackers are doing today.
1. Taking advantage of Out-of-Date Programs
If your software updates aren’t managed, you could be at risk of getting a virus by doing no more than going to a website. Most viruses require you to take some action, such as downloading something. However, if your programs are out-of-date, malicious codes on websites could breach your security and give you a virus, putting you at risk for stolen data.
2. Extortion Hacks
Hackers don’t always take information for their personal use. Meaning, just because a hacker has access to your credit card number, it doesn’t mean they’re going to buy a boat with your money. When a hacker gains access to your data and systems, they have the ability use that information in any way, including making that information public.
When dealing with sensitive information, such as patient medical records or personal identification numbers on a large scale, a hack can have serious ramifications. That is why hackers started holding information for ransom. Either a business pays a sum of money to keep the data private or the hacker will distribute the information.
3. Cookie Theft
Cookies are small text files that remember when a user navigates a website. This information is tracked over periods of time. When you save your password to a site that requires a login, it’s because of cookies. If a hacker steals your cookies, they can become you, essentially.
This type of security threat isn’t new, but it has become increasingly easy for hackers to steal your cookies. Simple browser add-ons are able to steal unprotected cookies from anyone. It’s up to the website to protect users from cookie theft. More and more, website and application developers are finding out the newest way to protect their clients after it’s too late.
4. Redirects
Hackers are able to write their own malicious entries to hosts. What this means is if you type in a popular site, a hacker could have written a redirect so it takes you to a malicious site they created to take your information. Hackers try to make it look as close to the desired website as possible so the user may never know it was a malicious site. This could then give your computer a virus and steal your information.
5. Chip-and-Pin
Credit and debit cards are switching over to chip-and-pin authentication to try and stay one step ahead of hackers. However, hackers were able to quickly adapt. Chip-and-pin cards are highly effective for making sure a hacker can’t put someone’s information onto a fake credit card, but online purchases have become more and more popular so this is where hackers have shifted their focus. There is no signature needed and no pin to enter with online shopping.
6. IoT Zombies
The internet of things has been hacked. With IoT hacks, instead of hackers hijacking your desktop computer, they take control of a large network of devices. With some of these connected devices, like smart fridges or home security systems, you can’t tell it has been hacked as easily as you could with your laptop but information can still be taken. 2015 was the first time the IoT was hacked, and as we move forward, more and more will figure out ways to breach the security of IoT.
7. Using Backdoors
Using a backdoor means attackers are able to decrypt protected files and traffic. Even those protected from firewalls and VPNs. These backdoors operate without those who are vulnerable knowing they are being used. Data is taken from the system without any malicious backfire, such as a virus that can crash a computer. Larger scale backdoors are beginning to be uncovered and this less disruptive type of hack is gaining popularity.
8. Fake Wireless Access Points
With a computer and some software, anyone can set their computer as a Wireless Access Point or WAP. Hackers set them up in public places where people like to connect- coffee shops, airports, and other frequented places. All they have to do is name their WAP in a way that leads people to believe it is safe, like “Main Street Coffee Wireless Network” for people to connect. Once connected, your unprotected data can be accessed quite easily by the owner of the WAP.
9. Manipulating Data
Changing or manipulating data can be done through several different avenues but the result is the same; the data’s integrity is compromised. Historically, hackers have taken the data they can reach, but this is a different kind of attack. It makes information unreliable without you knowing it. What if the data in your system couldn’t be trusted? What if you applied data that was false? This type of malicious activity could cause many businesses huge problems.
10. Putting in the Hours
With an increasing number of automated systems, which can run without someone there to manually input every detail, hackers are really putting in the hours. No longer are hackers sitting in a dark basement typing away trying to breach your security measures. Their ways of working have become more sophisticated and so must security measures to keep them away from sensitive data.
