Trend Micro's three tips to catch a hacker
FYI, this story is more than a year old
It might be difficult to believe in the wake of ever increasing stakes for businesses, but if you know what you’re looking for you might be able to spot a potential hacker and an impending cyber attack.
Many organisations focus on attack alerts, but they don’t necessarily pick up attacks that are sleeping or are disguised so well that they’re happening under the guise of normal business transactions, Trend Micro says.
Hackers can leave their marks, even on their own social media platforms. Here are three quick ways attacks can be perpetrated, which can lead to catching the culprit red handed and to preventing attacks entirely.
What is the evidence?
Don’t believe the TV shows that use the myth of busting breaches when they’re caught in the act. Today’s data breach systems can detect when an intrusion happens and mitigate the risk. This minimises risk and costs.
Sometimes hackers can be undetected and it takes a combination of InfoSec analysts to look at the attack vectors, what hackers did, what information was stolen and why it might be useful to them. This evidence can potentially track down the culprit and mitigate future attacks.
How many threat actors are involved?
EyePyramid was a malware that stole 87GB worth of sensitive data from many countries including Japan. A brother-sister team was behind the attack, and it was their ‘quirks, habits and techniques’ that led to their downfall, Trend Micro says. Security tools can detect behavioural trends which can allow breached organisations to uncover sources behind the attack.
"Hackers can make simple mistakes by revealing too much about themselves,” comments Martin Roesler.
How to track social interactions
Hackers often post too much information on places like the Dark Web, such as in the case of Limitless Logger which was used to disable security controls, record keystrokes and exfiltrate account passwords.
Trend Micro tracked the original author down just by looking at posts, which uncovered that “the culprit just completed the first semester in a university as well as contact details for Skype and PayPal accounts”.
After some detection, the hacker’s public social network details were found and Hackforum chat logs uncovered his real name.
Spelling errors could give the game away
Trend Micro says that last year the Bangladesh Bank spotted a misspelling that prevented a $1 billion height - although the hackers got away with $80 million. When phishing, hackers can sometimes leave mistakes in content or URLs that could tip off users into detecting potential attacks.
Trend Micro says business can protect themselves by using cybersecurity tools and educating employees about being observant and reporting suspicious behaviour.