IT security: how to spot a hacker

Are you sitting comfortably? Perhaps you should look over your shoulder instead. One of your colleagues could be stealing company data

After many years in the IT industry, I’ve discovered a hacker doesn’t always
fit the stereotype. Instead, according to the FBI, the most common hacker is
probably sitting at the desk next to you, right now.

This is someone who gets to work early, takes his or her turn cleaning out
the office fridge, tells funny stories at lunch and, at some point, makes a very
dumb move. It often starts when this hacker-next-door sees a file directory or
workstation that’s just too juicy to pass by, like one named ‘Salary
Comparison’. It’s simply too tempting NOT to peek inside.

In other words, curiosity is one scenario motivating the most common hacker.
Another is revenge and, of course, increasingly on the rise is industrial
espionage.

What organisation has time to do professional, in-depth background checks on
every temping IT consultant? Often this part-time help is called upon when times
are tough, and corners are most easily cut during a recession. The result is
people who get easy access to the most sensitive and impenetrable systems.

No matter what the reason, internal hacker attacks make up 70% of all
security breaches according to the FBI. The next question is: how do these
attackers get access to critical systems?

The answer: all too easily. Once that hacker-next-door decides to break into
a target system, their next stop is a search engine. A few key words later, and
anyone can discover that the most common – and effective – type of hack into a
target system is to become what’s called a ‘script kiddie’.

Script kiddies use default lists of privileged passwords, or the
super-user/administrative codes built into every piece of hardware and software.
Have you ever noticed the ‘Administrator’ ID next to your name when you log in to
your workstation? That’s a privileged user and password, a backdoor into your
system built by the manufacturer. It cannot be disabled or destroyed.

Let’s turn back to our hacker-next-door who wants to access the salary
comparison workstation. They don’t know who owns this workstation, but they can
search to find what the default Administrator passwords are for this type of
standard business PC.

If the built-in default doesn’t work, the would-be hacker may try simple
passwords like CompanyName123. You’d be stunned how often these basic passwords
– also available as mini computer programs on the web – are the fastest way into
any organisation’s data.

Once the hacker enters a target system with a privileged password, the
evil-doer now has more access to data than the system’s legitimate users. At one
company, for example, a disgruntled IT professional changed every password on
the network.
All software had to be reloaded. The company was basically shut down for days.

Meanwhile, the angry ex-employee denied all knowledge of the incident. And
who could prosecute him? The deed was done under an anonymous identity, the
Administrator.

So there you have it: the most common hacker is actually someone working in
your business today, a non-professional trouble-maker who – when tempted – can
easily find his or her way into your organisation’s most sensitive data.

This leads to another question I am commonly asked: why do most enterprises
leave their privileged passwords, the keys to their kingdom, open and unmanaged?

The reason is simple. Manually changing these codes is extremely
time-consuming, so these back doors generally stay open.

Visit professional hacker sites, and their biggest complaint about script
kiddies is not that they exist but that once these amateurs do something
flagrant and dumb with
privileged passwords, these wonderful secret passages into a company’s data get
closed to the professionals.

Of course, there are automated ways to securely change privileged passwords
in ‘digital vaults’, which tie an individual ID to a shared one – this very
software is now being used by many security-savvy enterprises around the world.
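
A minimal model of the vault idea described above, as an added example that is not from the article or from any vendor's product: each use of the shared Administrator account is checked out by a named individual, logged, and the password is rotated on check-in. The class, its method names, the account name and the users are all hypothetical.

```python
import secrets
from datetime import datetime, timezone

class PrivilegedVault:
    """In-memory model of a privileged-password vault (hypothetical API)."""

    def __init__(self):
        self._secrets = {}  # shared account -> current password
        self._holder = {}   # shared account -> individual holding it now
        self.audit = []     # append-only (time, user, action, account)

    def _log(self, user, action, account):
        self.audit.append((datetime.now(timezone.utc).isoformat(), user, action, account))

    def enroll(self, account):
        # Replace the shipped default with a random secret nobody knows.
        self._secrets[account] = secrets.token_urlsafe(24)
        self._log("vault", "enroll", account)

    def check_out(self, user, account):
        if account in self._holder:
            self._log(user, "denied", account)
            raise PermissionError(f"{account} is held by {self._holder[account]}")
        password = self._secrets[account]  # KeyError if never enrolled
        self._holder[account] = user
        self._log(user, "check_out", account)
        return password

    def check_in(self, user, account):
        if self._holder.get(account) != user:
            raise PermissionError(f"{user} does not hold {account}")
        del self._holder[account]
        # Rotate so the password this user saw stops working.
        self._secrets[account] = secrets.token_urlsafe(24)
        self._log(user, "check_in_rotated", account)

    def who_held(self, account):
        """Named individuals who used the shared account, in order."""
        return [u for _, u, act, acc in self.audit if (act, acc) == ("check_out", account)]

def demo():
    # Constructed account and user names, for illustration only.
    acct = "HR-WS01\\Administrator"
    vault = PrivilegedVault()
    vault.enroll(acct)
    first = vault.check_out("alice", acct)
    vault.check_in("alice", acct)
    second = vault.check_out("bob", acct)
    return first != second, vault.who_held(acct)
```

With this in place, an action taken as Administrator can be traced to whoever held the account at that time, and a password seen during one session is useless afterwards.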

Until these products become standard tools in most enterprises, however, I’d
keep a close eye on the folks around you. You never know who is privileged to
your information.

Calum Macleod is European director of Cyber-Ark
Software, cyber-ark.com

Outsourcing danger

Outsource your code and you’re more likely to be hacked. Organisations that
admitted to being frequently hacked all outsource at least some of their coding
practice, with 90% outsourcing more than a third, according to a report by
Quocirca and supported by Fortify Software.

The hacker’s future looks rosy, with 78% saying that it is important for them
to outsource software development due to the cost benefit.

But security is being left out in the cold as companies fail to build in
security when they outsource the development of their critical applications.

A staggering 60% of companies that outsource the coding of their critical
applications do not mandate that security must be built into the applications.

Yet statistics show that the software application layer is where most hackers
are accessing critical data.

According to NIST (National Institute of Standards and Technology), 92% of
vulnerabilities affecting computer networks are contained in software
applications.

As organisations increasingly look to outsource application development, more
components of software applications are being developed outside of their direct
control.

You need to make sure when applications are designed that they are constantly
checked for vulnerabilities. Use application security software to do this
automatically.

Rob Rachwald, Fortify Software (Fortify.com)

Securing data on the move

How do you stop mobile data getting into the wrong hands?

• Encrypt your data on every device you carry, if it’s sensitive. As everyone
now uses their own personal devices to link into the corporate network, be sure
you can accommodate every type of file.

• Buy a software product that can detect devices trying to connect to the
enterprise and sync with corporate data.

• Make sure the encryption software you invest in does not slow down your
system.

• Never leave data security up to the end user. It is imperative that this is
controlled and managed centrally. This can also reduce TCO (total cost of
ownership) as machines don’t need to be locked down or brought into the office to
update them.

• Corporate governance now requires you to have security and prove it. Use
software that includes a central management console – that way every machine is
protected and can be tracked.

Follow these steps and you will be able to roll out a sustainable security
policy for all end points and devices.

Peter Mitteregger, CREDANT Technologies
(credant.com)
