Hacking has evolved from simple pranks to sophisticated and malicious techniques strategized to prey on unsuspecting and vulnerable businesses, organizations, and people.
One would be surprised to know how simple and unsuspecting common hacking techniques are, and if we are to merit the complexity and innovation of some sophisticated hacking techniques that even an IT audit can’t immediately decipher, we can applaud its brilliance.
Here are some hacking techniques we have uncovered that range from simple social engineering to sophisticated remote cyber attacks:
1. Fake Wi-Fi Access Points
Think of all the times you have tried to search for a Wi-Fi signal in public places, hoping to find one that doesn’t require a password.
Hackers take advantage of this need and use software and a wireless network card to advertise as a fake WAP (wireless access point) from where people can easily connect. They can easily get open data such as passwords from the stream connecting these people and their intended remote hosts.
Protect yourself: Never trust public wireless access points, and consider using a VPN connection. Further, a common web security is to avoid using the same password for all your accounts and e-mails too.
2. Watering Hole Attacks
These types of attacks are fake WAPs set out on a grander scale. Hackers take advantage of locations frequented by targeted victims, creating fake WAPs to get as many data as possible, most often company login information.
Some hackers maliciously modify a frequently visited website to leech off information. This attack became popular when high-profile companies such as Apple, Facebook, and Microsoft were compromised because employees visited popular application development websites—and those sites were hacked.
Watering holes such as company office cafes and bars are also vulnerable to this type of attack, hence its name.
Protect yourself: Orient your employees about this kind of hacking technique for them to become wary of what they share on commonly visited physical locations and websites.
3. Masking of File Names
Hackers can manipulate files you download from the Internet too! What should be picture files ending in .GIF or .JPG are actually programs with the .EXE extension that when opened, run or execute malicious software (malware) into computers.
Protect yourself: Do not open files downloaded from unreliable sources on the web. Ensure you know the real file name of any file before opening/executing it.
4. Bait and Switch
Similar to file name masking, this popular hacking technique lets victim think they are downloading or running one thing, and they actually are—albeit temporarily, because it is switched to a malicious item.
Think about famous ads running as pop-ups on websites. You are invited to “click” links to go to another page or “download” or “launch” an application and when tested, you see a valid URL or file. But, in reality, it’s just a redirect to malware or cookie theft.
Common unsuspecting ways these are deployed are through free content you can download and use for yourself such a free website counters. There are redirects on the free code issued.
Protect yourself: When setting up your website, beware of any content with links that you have no direct control of. As a visitor, be wary of clicking links that encourage you to check out something or download free content.
5. Cookie Theft
Cookies are the text files of websites we visit that are stored on our computers, and there help the site track our visit and personalize our future visiting experience.
An example of this is if you are a woman purchasing jeans on a shopping website often, you get to see sale ads of jeans more often than other offers. When hackers come into the picture, they steal our cookies, and in doing so become “us” by supplying authenticated logins and passwords stored from our browsers.
Protect yourself: Note that even encrypted cookies can be stolen. As a business, make sure that your web developers use the latest and most updated secure development techniques to reduce cookie theft. Update your encryption protection regularly, your HTTPS sites should be using the most recent version of crypto, TLS version 1.2.
6. Webcam Entries
You might be surprised by how hackers can access websites, networks, and systems remotely, and one of the ways they can do so is through webcams.
Protect yourself: Software and gaming companies suggest organizations that run webcams cover theirs with sticky notes when not in use.
7. Polls Fraud
Online surveys can be fun, but hackers can use these to trick you into giving up personal information that they can use to answer your online security questions.
Protect yourself: Use different passwords for multiple accounts. Never answer anything too personal that asks you to identify favorites or personal preferences.
8. Running Location Searches on Your Directory
Hackers have also found a way to hack into operating systems by the use of a simple search command. Known as a convenient file location trick, “relative versus absolute,” you can find a file in your computer without necessarily being in a particular directory or drive.
Hackers have used this direct you to a masked or similar data you are looking for to run a malware.
Protect yourself: Have your IT security developers enforce absolute directory and folder paths in your operating systems.
9. Running Hosts File Redirect
Very much like running local searches in your operating systems, hosts file redirect runs searches or redirects to files in your domain or website (host).
Hackers have used this to redirect visitors to a masked site of the original site they were supposed to visit, and run malware from there or steal cookies.
Protect yourself: Always monitor and check your Hosts file.
10. Total Loss of Control of System
This is everyone’s nightmare—to be totally hacked into that even you can’t get into the back end of your system or network.
Protect yourself: Use the same defenses outlined in previous hacking techniques. Deploy updates on your security patches, don’t run executables from untrusted sources, and always run security audits to your network or system.
Hackers have become bolder, more aggressive, and more fearless in carrying out their attacks these days.
Diligence on employing security measures from top to bottom (leaders to IT to employees) and consistent IT security audits help prevent hackers from penetrating your systems.
Identifying vulnerable areas in your network is the first step, and then replacing or fortifying areas should follow.
Author Bio
Vlad de Ramos has been in the IT industry for more than 22 years with focus on IT Management, Infrastructure Design and IT Security. Outside the field, he is also a professional business and life coach, a teacher and a change manager. Vlad has set his focus on IT security awareness in the Philippines and he is a certified information security professional, a certified ethical hacker and forensics investigator and a certified information systems auditor.
Ingenious Hacking Tricks to Watch Out For,
Mark Reynolds
Mar 16. 2016
Your blog has been a source of inspiration for me regarding computer tips and security tips. Been reading all your articles and learning from it. Thanks a bunch mate!
Damie
Mar 22. 2016
Your blog has been a source of inspiration for me regarding computer tips and security tips. Been reading all your articles and learning from it. Thanks a bunch mate!
me too mate,really helpful post