What does it take for us to get hacked? How safe are we really?
What is your perception of computing?
We _expect_ Google to run when we want it. This expectation presupposes a functioning computer, so a desktop or tablet/phone must be running when we need it. Credit card processing must work at the moment we want to use it.
We expect the computer to run without problems – but if we are lax on car maintenance, we can expect the car to have problems.
So it is with computing: if you are lax on security, you will have problems.
The problem with this model is that keeping networks, computers, databases and more running 24 hours a day, 7 days a week requires quite a commitment. We can do it as a society, but it is not an easy commitment to make.
And the hackers know that – they only need to find one small problem, which leads them to another problem, and so on until they can control the computer to make money. We have called that SVAPE&C (for a more detailed explanation of how a hacker actually takes control, follow the link).
This also means that servers performing tasks like search (Google) or banking must be up constantly.
There are several tasks that we all require our computers to do, whatever the application (health, travel, security). In travel I am including cars and planes.
There seems to be more and more computing in every facet of our lives.
Besides the tasks of everyday living and working, there are social media applications that we want our computers to run whenever we want them.
Of course the criminal hacker knows that we want our computers to run all the time. It makes computers more open to attacks.
Many threats are found every month, and have been for many years. Some of those threats make it easy for the hacker to control your machines.
The Heartbleed exploit (CVE-2014-0160), covered in this post, targeted a vulnerability in the underpinnings of the Internet.
It is the “remote execution capability” that is really scary. In that case the software you are using has a security vulnerability that allows someone to change your computer without your knowledge and without your permission.
The nice thing about computers is that once they are plugged into electricity they will run 24 hours a day. This is also a bad thing, because if your security is not up to a high standard, you will get attacked by people who know that these remote code executions have made your devices susceptible to attacks.
In the beginning the hacker is not interested in modifying the controlled computer too much (at this point it is the recon phase). But as the hacker keeps working to see what you have on the system, the hacker will eventually try to make some money. One way or another, eventually you will receive some ransomware, and it may not be from the initial attacker. There is a criminal market (called Darknet) where another criminal buys access to machines that have already been hacked.
From an old Teslacrypt post in 2015:
There are many types of ransomware, and you are susceptible to these attacks if you do not “maintain” your security – treat it like the maintenance of your car, where changing your oil every 3000 miles is an example.
We assume uptime 24 hours a day, 7 days a week, and the hacker looks for any weakness that will eventually give them control so they can make money on our devices – this is the challenge. If we do not spend time on security we will have problems – it is a matter of time, as illustrated in my 500 barrel RiskGun post.
We can’t just assume that all our computers will work without problems forever. We have to pay attention to backups and security (patching and configurations). If we spend at least 5-10% of our time on security, it will pay off by allowing us to keep up with the latest security incidents that otherwise could put a halt to all of the computing applications you need. Thus a 5-10% effort on security reduces your risk to a negligible level.
How to actually reduce security risk to a minimal level is the key – and this differs with your IT needs and environment, but the IT basics (backups, patching, configurations, and testing your environment) are the keys.
Contact Us to review this for your situation.