Trend Micro's three tips to catch a hacker

21 Mar 2017

It might be difficult to believe given the ever-increasing stakes for businesses, but if you know what you’re looking for, you might be able to spot a potential hacker and an impending cyber attack.

Many organisations focus on attack alerts, but they don’t necessarily pick up attacks that are sleeping or are disguised so well that they’re happening under the guise of normal business transactions, Trend Micro says.

Hackers can leave their mark, even on their own social media platforms. Here are three quick ways attacks can be perpetrated, which can lead to catching the culprit red-handed and to preventing attacks entirely.

What is the evidence?

Don’t believe the TV shows that perpetuate the myth of breaches being busted while the hacker is caught in the act. Today’s data breach systems can detect an intrusion when it happens and mitigate it, minimising risk and costs.

Sometimes hackers go undetected, and it takes a team of InfoSec analysts to look at the attack vectors, what the hackers did, what information was stolen and why it might be useful to them. This evidence can potentially help track down the culprit and mitigate future attacks.

How many threat actors are involved?

EyePyramid was malware that stole 87GB of sensitive data from many countries, including Japan. A brother-sister team was behind the attack, and it was their ‘quirks, habits and techniques’ that led to their downfall, Trend Micro says. Security tools can detect behavioural trends, which can allow breached organisations to uncover the sources behind the attack.

“Hackers can make simple mistakes by revealing too much about themselves,” comments Martin Roesler.

How to track social interactions 

Hackers often post too much information in places like the Dark Web, as in the case of Limitless Logger, which was used to disable security controls, record keystrokes and exfiltrate account passwords.

Trend Micro tracked the original author down just by looking at posts, which uncovered that “the culprit just completed the first semester in a university as well as contact details for Skype and PayPal accounts”.

After some detective work, the hacker’s public social network details were found, and Hackforums chat logs uncovered his real name.

Spelling errors could give the game away

Trend Micro says that last year the Bangladesh Bank spotted a misspelling that prevented a $1 billion heist, although the hackers got away with $80 million. When phishing, hackers can sometimes leave mistakes in content or URLs that could tip users off to potential attacks.

Final conclusion

Trend Micro says businesses can protect themselves by using cybersecurity tools and educating employees about being observant and reporting suspicious behaviour.
