Most common hacking techniques
Used by penetration testers and hackers, discover the most common hacking techniques
What is hacking?
One useful definition offered by anti-malware provider Malwarebytes is:
“The gaining of unauthorised access to data in a system or computer, tablet, mobile phone or even entire networks”.
Common hacking techniques
Breaking into your systems – or simply breaking them – is possibly easier than you think. Here are some of the threats your business faces right now.
Denial of Service (DoS) attacks
Usually targeted at websites, Denial of Service (DoS) attacks are intended to disrupt and destroy. This attack works by overloading your systems with more network traffic than it can handle.
Take your website for instance. Normally it can serve thousands of users every day, often hundreds of users at the same time. But if too many visitors arrive at once, the website is overloaded and crashes.
In a DoS attack, the hackers simulate thousands of requests that hammer your systems until they finally fail. Sometimes you may encounter a Distributed Denial of Service (DDoS) attack which works on the same principle, but uses a network of computers to generate traffic, helping to disguise the source and intention.
Spotting a DoS attack is quite straightforward – you will see thousands of requests coming from the same IP addresses or geolocation every second.
All of your most important systems, including your website, use a database to store information. In almost every case these databases rely on Structured Query Language (SQL) to read and write information.
Using a SQL Injection attack, hackers will try to execute database commands remotely by exploiting security vulnerabilities in your systems. If they can inject SQL commands into your website they can steal valuable data that can be resold. Hactivists and troublemakers may simply delete all the data they can.
Skilled hackers may also be able to perform backend manipulation, changing configurations on your systems. Once the database server has been compromised, they may also be able to launch attacks on other network assets stealing even more information.
Malware is the most common of all hacking techniques. One anti-malware provider describes it as any “code developed by cyber-attackers, designed to cause extensive damage to data and systems or to gain unauthorised access to a network.”
Malware comes in several formats including:
- Viruses that delete data or interfere with the good running of your computers. This may include causing advertising pop-ups or using infected machines to “mine” cryptocurrency.
- Ransomware that encrypts your data and demands you pay a ransom to recover your files.
- Trojan horses that open a backdoor to your computer, allowing hackers to steal sensitive data – or even take control of your system.
- Malware is typically “caught” by opening an infected email attachment or visiting a compromised website. The software installs with minimal user intervention and it may take weeks or months before you realise there is a problem. But every minute the malware is installed, the more damage that may be done.
Phishing & Social Engineering
One of the most effective, and low tech, hacking techniques is to simply ask users to willingly hand over their passwords and other sensitive personal information. These types of social engineering attacks vary in sophistication, but the goal is always the same – to exploit people as the weak point in your cybersecurity defences.
In a phishing attack, hackers send carefully crafted emails that appear to come from a trusted source, like your bank. Normally phishing email tells the recipient that their account has been compromised by hackers and that they must reset their password immediately. When the user clicks on the email, they are redirected to a website that appears to be legitimate but is actually run by the hackers. The user thinks they are going through a password reset process – but instead they are handing their working credentials to the hacker. Those credentials can then be used to break into your protected assets.
Social engineering attacks rely on similar subterfuge with hackers pretending to be representatives of a trusted party. One of the easiest, and most effective, social engineering techniques sees the hacker call one of your employees on the phone posing as a member of the technical support team. The hacker reports an issue with the user’s account and ask for their username and password to conduct some tests. The hacker can then use those credentials to break into systems and steal data or cause disruption.
Social engineering hacking is an update on old-school confidence scams. Although there are technical solutions to help protect against these attacks, education is more effective – helping your users identify fraudulent emails and calls for themselves.
Man-in the-middle attacks intercept traffic as it passes across your network or the internet. The hacker simply captures all data passing between two points, analysing it for anything useful, like passwords or sensitive personal data. Alternatively, the hacker may “spoof” a legitimate destination, collecting all the data you send.
One of the most common techniques is the man in the middle WiFi attack. In this set-up, hackers install a compromised WiFI access point, often in a public place. When devices connect to the “fake” access point, hackers can harvest all the data that passes through it.
Key to man in the middle prevention is the use of encryption. SSL – the same technology that protects your credit card details when shopping online – can be used to encrypt your network traffic. If a hacker does capture that data, they cannot use it because they cannot decrypt it.
Living Off the Land Binaries & Scripts (LOLBAS)
More commonly we see hacking techniques are becoming stealthy - using existing tools within the network to evade modern NDR/EDR/XDR protections. An example of this would be using PowerShell (which is used regularly and legitimately by user devices) to run remote code executions, allowing hackers to laterally move across the network.
How can BlueFort help?
BlueFort offers a full 360º approach to cyber security, ensuring that business and customer data is kept safe – from loss, theft or damage. The BlueFort Cyber Assessment has been designed to help businesses like yours understand the risks posed by hackers – and the damage they could do to your organisation. And once you know, you’re better placed to fix them.
BlueFort can offer automated penetration testing, solution validation, configuration reviews and user education to ensure your business is properly protected from hacking and social engineering attacks. We ensure that you have a complete understanding of your security posture – and the data you need to make informed security strategy decisions in future.
To learn more about how BlueFort can support your business, or if you have any questions about our ethical hacking services and how it could benefit you, please give us a call on 01252 917000.