Outfox cybercriminals with these hacker prevention tips

August 8, 2018 4 Minute Read

Hacker prevention gets trickier every day, which means increasingly sleepless nights for IT pros. The old-school model of perimeter-based security isn’t good enough to protect your business from digital attackers anymore. Threats have shifted to the endpoint, and if just one user in your network falls prey to one of the advanced phishing exploits going around, it’s open season on your IT security.

Malware is becoming stealthier, too, enabling hackers to move laterally inside your systems and pilfer as much data as they please. Here’s the good news, though: You can protect your business by getting up to speed on the new malware infiltration methods hackers have devised—and maybe even catch a few well-deserved Zs afterward. Here’s what you need to know.

Stop malware from cloaking itself within your non-executables

According to SafeBreach, one of the most successful infiltration methods today involves hiding executable files within non-executables, akin to Russian nesting dolls. With this technique, also known as nesting or packing, hackers stash malicious payloads in otherwise innocent-seeming script files or macros. Once those cloaked executables spring into action, the probability they will successfully infiltrate your network is alarmingly high.

If that’s not enough to freak you out, get ready: Hackers enjoy an even greater success rate when they use specific forms of this technique. For example, SafeBreach’s recent research discovered that, when hackers packed executables inside JavaScript, they had a 60 percent success rate infiltrating a network. Slipping an executable inside a Visual Basic script using HTTP resulted in successful infiltration 56 percent of the time, while nesting an executable inside a compiled HTML file had a 55 percent success rate. And here’s the kicker: over 70 percent of the time, hackers are free to move laterally through your network once they’ve gained access.
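A defensive illustration of the nesting described above, added here and not taken from SafeBreach or the original article: a Python check that flags script text carrying a base64- or hex-encoded Windows executable header. The function names, length thresholds and sample strings are constructed assumptions.

```python
import base64
import re
import struct

# Constructed thresholds: a run must be long enough to hold a 64-byte DOS header.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{88,}")
HEX_RUN = re.compile(r"(?:[0-9A-Fa-f]{2}){64,}")

def looks_like_pe(blob: bytes) -> bool:
    """True if blob starts with 'MZ' and its e_lfanew field points at 'PE\\0\\0'."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", blob, 0x3C)
    return blob[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def find_nested_executables(text: str) -> list:
    """Return (encoding, offset) for each encoded PE header found in script text."""
    hits = []
    for m in B64_RUN.finditer(text):
        run = m.group(0)
        run = run[: len(run) - len(run) % 4]  # decode whole 4-character groups only
        if looks_like_pe(base64.b64decode(run)):
            hits.append(("base64", m.start()))
    for m in HEX_RUN.finditer(text):
        if looks_like_pe(bytes.fromhex(m.group(0))):
            hits.append(("hex", m.start()))
    return hits

def build_sample_stub() -> bytes:
    """Constructed 96-byte header stub for the demo; it contains no code."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    return bytes(header) + b"PE\0\0" + bytes(28)

# Constructed sample inputs: a JavaScript file, a VBScript file, and a clean script.
STUB = build_sample_stub()
SAMPLE_JS = 'var p = "' + base64.b64encode(STUB).decode() + '";'
SAMPLE_VBS = 'payload = "' + STUB.hex() + '"'
SAMPLE_CLEAN = "function add(a, b) { return a + b; }"

if __name__ == "__main__":
    for name, text in [("js", SAMPLE_JS), ("vbs", SAMPLE_VBS), ("clean", SAMPLE_CLEAN)]:
        print(name, find_nested_executables(text))
```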

Keep an eye on Carbanak and similar exploits

Nesting is worrisome enough on its own, but it isn’t the only game in town—other forms of malware are getting in on the action, too. In SafeBreach’s simulated attacks, WannaCry 2.0’s exploit of a Windows SMB vulnerability was successful 63 percent of the time. Combine that with cloud-based business applications, and your network is a big target. Carbanak, a financially motivated hacker group that uses malware exploits to do its dirty work, leverages Google’s App Script, Sheets, and Forms to stage its incursions. As ZDNet reports, Carbanak stole over $1 billion from banks in just two years, and now it’s moving on to targeting businesses.

Old exploit kits—even ones that have been around for a while—are still effective in delivering malicious payloads. They can make a run at your endpoint security and gateway solutions, bypassing defences to gain unauthorised access to files and systems. In other cases, misconfigured security products can unwittingly invite a breach—an embarrassing instance any IT pro would want to avoid. In particular, misconfigured malware sandboxing solutions can prove vulnerable to a malware exploit if they don’t properly address all ports, protocols, file formats, and encrypted traffic.

Turn your cybersecurity defence toward hacker prevention

What does successful hacker prevention look like in an environment where malware can tuck itself into seemingly innocuous files, exploit vulnerabilities in operating systems and cloud applications, hop into your endpoints, and even compromise your security systems? Once hackers have infiltrated your network with their malware, they have free rein. Plenty of office networks were designed based on the assumption that any transactions or exchanges within the network could be trusted, but that’s no longer the case—and it’s time to update your cybersecurity strategy accordingly.

First, try a multilayered approach to network security that better protects your business in the event of a breach. Bolster your endpoint security with devices that come with built-in security. For instance, modern printers with embedded security features can detect and prevent an attack in progress, self-healing from a potential malware exploit fast enough to keep it from spreading throughout your entire IT environment.

Next, regularly update and fine-tune your unique security protocols and protections, right down to where malware creeps in at the user level. Don’t forget to validate your controls and assumptions to make sure they’re correct, too—because what may look sufficient on paper may not actually hold up to an attack in reality. SafeBreach found that few businesses are actually “watching the exits” by scanning outbound transmissions to prevent hackers from making off with their data—so it’s essential to keep that loophole closed.

Malware is getting sneakier, but you can keep it from wreaking havoc by staying on top of new threats and keeping your IT security strategy up to date to defend your business from attacks across multiple stages of the kill chain. Securing your business from an attack doesn’t necessarily require investing huge funds in a new security solution, either. In fact, you can make real progress by making smart, timely adjustments designed to match the evolving threat. This type of proactive approach will ensure a more restful night’s sleep for any IT pro.
