Companies have been fighting cybercriminals and criminals for years. Companies are getting more aware of the threats which might hit their environment and for that reason they have been implementing cyber security solutions which claim to keep the company environment safe from malicious users.
Companies are also using physical security professionals to keep the company environment safe from criminals, but it is not usual that the physical security professional will investigate your teeth to see if you are hiding a USB stick or any other type of data storage unit.
The government agencies like GCHQ and NSA are aware of how companies are being protected against malicious users. These same government agencies publish guidelines on how to infiltrate company environment. The Edward Snowden leaks, clearly showed how the NSA had prepared flowcharts and tutorials on how to infiltrate company computer networks and environments
You have already been hacked
10 out of 10 companies have already been hacked. If the hack had an impact on the organization is something else. In enterprise environments, thousands of users communicate with the company network and from a hackers point of view this means that there are at least 1001 ways to infiltrate a company network.
I am not going to state how you can be hacked, but I am going to leave some questions which will give you the answer on how high the possibility is that your company environment has been (or will be) breached/hacked.
- Do you run outdated software in your company environment?
- Do you allow devices which hold outdated software in your company environment?
- Do you allow personal devices (private) in your company environment?
- Is the public company website connected to the company private network?
If you have answered yes to one of the questions above, then the chance is very high that you will be targeted in the near future.
New types of attacks
In the last couple of months I have witnessed “new” attacks which are capable of leaving a massive trail of damage.
The Ransomweb attack focuses on outdated web applications. The Ransomweb attack will target the outdated web application and it will try to exploit the outdated web application with a widely known exploit.
The hackers or actors behind the ransomweb attack will create an automated crawler which will try to infect each website that it targets. Once the hackers or actors gain access to the outdated web application, they will continue to steal and encrypt the database of the hacked web application environment.
Once the stolen database has been encrypted, the hackers or actors will force the owner of the hacked web application to pay a specific amount of money and if the ransom is not paid on time, the data will be deleted or published on the internet.
We expect that the ransomweb attack will have a high impact in 2015.
One of the biggest SIM card manufacturer in the Netherlands claims to be hacked by the NSA and GCHQ. They claim that the government agencies have implemented an backdoor in the mobile sim cards.
The hack on Gemalto leaves 85 countries vulnerable to attacks which originate from the NSA or GCHQ. The Dutch Gemalto company provides her services to 85 countries. Well, hello Miss. Espionage.