Business networks are attractive targets for hackers.
They’re a repository for valuable information, which could be customers’ personal data or proprietary information on products or services. Hackers and cybercriminals have become a permanent fixture in the enterprise technology landscape, but that doesn’t mean they have to destroy your business network. Beat them at their own game by thinking like a hacker to secure your digital assets — read on to learn more. The 2 Characteristics of a Hacker: Patience and Persistence In order to think like a hacker, you have to understand the characteristics that make them successful and enable them to carry out their crimes. Hackers are similar to bank robbers. They actively investigate a company’s network and defenses to determine where the weak spots are. It can take time to complete a thorough investigation, but that’s why successful hackers are patient. They’re also persistent; hackers are aware it can take more than one try to crack a firm’s security settings. When considering a hacker’s traits, many cybersecurity professionals make the mistake of spending too much time on what motivates a hacker. Hackers attack targets for money, though they also breach networks for ideological reasons. You might never find out what their motivation is, so focus on their temperament. What Breach Methods Will They Use? In order to think like a hacker and better secure your network, you must have a thorough understanding of the techniques and tools hackers use to attack business networks. While it might seem that hackers have an unlimited arsenal at their disposal, it’s not the case. And that’s good news for you, because it makes it easier to identify the tools and methods they use to breach networks. For example, password crackers identify weak passwords that can let hackers into your system. Remote administration tools give unauthorized parties access to computers. Backdoor exploits take advantage of vulnerabilities and enable hackers to infiltrate the network. Denials of Service (known as DoS) attacks flood a system so it can’t provide normal service and crashes. What Do Hackers Want From Your Organization? In The Art of War, Sun Tzu wrote, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” What a Chinese philosopher wrote centuries ago about armies at war is surprisingly relevant for cybersecurity professionals today. When it comes to network security, “knowing yourself” means being aware of what hackers want from your business’ network. As mentioned earlier, the most valuable digital asset any company possesses is data. Every organization that stores information digitally is at risk. Just because your company is small doesn’t mean that you’re not at risk. We’ll use the Target data breach as an example. In November 2013, American retail giant Target fell prey to a data breach. An investigation showed that hackers were able to access the company’s networks because they stole a third party service provider’s credentials (in this case, it was an HVAC company that monitored energy consumption and temperature inside of stores). The HVAC services company was used as a stepping stool for a much larger quarry. What Can You Do to Protect Your Network? Now that you know how to think like a hacker, how can you use this knowledge to protect your business’ networks? For a start, assess your vulnerabilities. Are there any points at which hackers can easily access your network? What are the harder-to-find, but not impossible to exploit, vulnerabilities? The next step is to tighten your defenses to make it much more difficult for hackers to get what they want out of your company. Be aware of the possibility that you’ve already been hacked and you didn’t know about it. Zero-day vulnerabilities (gaps in software that vendors don’t realize are there) come out faster than firms can deal with them. That’s why it’s equally important to have a mitigation plan in place that reduces the disastrous effects of a hack. Thinking like a hacker means you have to be vigilant around the clock. Hackers don’t take breaks for weekends or holidays, and they don’t work 9 to 5. Yes, the hacker mindset means more work for you. But it also keeps your network safer, so it’s worth it.
Source: BreachExchange: Think Like a Hacker to Secure Your Network