Photo by Geran de Klerk on Unsplash
Cyber security for the weakest link
Secret, Quick, Quiet
Virus scanners and firewalls have been around in the IT world for years and have established themselves in people's minds as recognized security measures – which is unfortunate, because attacks on computer systems are no longer just amusement for script kiddies. Instead, attackers, sometimes even autonomous states, systematically target IT resources. The proven defenses are no longer capable of withstanding the current threat situation.
Why should a firewall not be sufficient against these directed attacks? A city wall is a good example of what can happen: It is constructed to protect a city against uninvited guests, much like a firewall, although cyberattacks against a firewall can't necessarily be compared with a cannon that tears city walls down. Instead, imagine the city to be a heavily frequented trading town, where the hackers have disguised themselves as traders. The city wall (firewall) and the city guards (virus scanners) fail to identify the hitherto unknown thieves, because they first behave like normal merchants. However, once they are inside the city, the city wall no longer helps, and the city guards are limited in the extent to which they can check the criminal activity.
How does such a hacker currently proceed in practice? In principle, an attack always follows the same phases:
1. Break-in
2. Persistence
3. Preparatory work (lateral movement)
4. Perseverance and system surveillance
First, the hacker needs to gain access to the system, either by exploiting a vulnerability or inducing a user to execute malicious code. Security gaps are always present (e.g., the well-known Spectre and Meltdown threats). Attackers automatically and permanently check whether they can find computers on the Internet that have the kind of vulnerabilities they can exploit. Keep in mind that the attacker only needs one computer capable of being compromised, so the chain is only as strong as its weakest link.
Therefore, it is
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Improved defense through pen testing
Discover indicators of compromise with open source pen testing tools. -
Reducing the Attack Surface in Windows
The sum total of all possible points of attack can be defined as the attack surface, and you need to take every opportunity to minimize it to the extent possible. Windows has built-in rules that minimize the attack surface; they simply need to be enabled. -
Targeted attacks on companies
Watering hole and spear phishing targeted attacks offer the greatest rewards to cybercriminals. Here's how to protect your company from these types of attacks. - GitHub Accounts Stolen
- More than 2000 WordPress Sites Infected by Malware
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
