Hacked Devices and IT Myth #1

Previously, I posted about Internet devices like security cameras and DVRs being hacked to form a botnet army that was then used to launch attacks against other targets. [Internet Devices Get Hacked Too]

I wanted to draw a link from this fact (that Internet devices of all kinds are susceptible to attack) to an earlier post I made about a common IT myth, the myth that small businesses don’t have to worry about security because hackers wouldn’t go after them.

The fact that cameras and DVRs got hacked proves that hackers don’t go after only big businesses or high-profile targets. Often, hackers are looking for hacking opportunities just to use those targets for further attacks like in this case.

One of the ways hackers try to cover their tracks is to bounce their attacks through multiple networks. That makes tracking them down much harder.

Hackers hack into network A, then use that network to hack into network B, then use B to hack into C, and then use C to hack into D. All this time, they’re keeping their activity as covert as possible to avoid raising suspicion. These targets A, B, C, and D are often smaller, less sophisticated networks. (Like those of your small business.)

Now when the attacker finally does attack a major target (call it “network E”), if anyone notices the hacking attempt, it’s a lot harder to track them down because you’re not just looking for who’s hacking network E.

Instead, when you find out the attack on E came from D, then you investigate D and find out that it too was hacked. Then you have to backtrack to uncover that network D was hacked from network C. That leads you to investigate network C. Eventually you discover that C was hacked from B so you have to investigate B.

You can see where this is going.

Instead of just finding out where one attack came from, you have to trace it back through many other networks and attacks to try to find the source. Each additional network you have to go through adds time and complication to the investigation.

If some of those networks are in different countries that adds a whole new level of complication to the investigation because you have to get permission from other governments to conduct the investigation and maybe even wait on their cooperation.

It can get extremely difficult to track down the perpetrators.

If you don’t take your network security seriously, a hacker will eventually compromise your network. If you’re lucky they’ll ONLY use it to attack other networks (which could still get you in trouble since your devices participated in the attack) but a curious hacker will surely look around your network first and you’d better hope they can’t find anything of value (passwords, bank account information, credit card information and the like.)

Take your network security seriously or attackers might take your network security away.

– Weston Henry

Links:

WestonHenry.com – Internet Devices Get Hacked Too: http://westonhenry.com/2016/10/09/internet-devices-get-hacked-too/

Questions:

Do you see how your network security can affect the security of other networks?

Why do small businesses believe they don’t need to worry about network security

Please note: I reserve the right to delete comments that are offensive or off-topic.

One thought on “Hacked Devices and IT Myth #1

Comments are closed.