In February 2020, Samsung experienced a data breach, claiming to affect a small number of customers. One month later, news broke that Melbourne Tafe experienced a data breach where 55,000 files containing personal, health and financial data were accessed.
Stories like these break every month and usually, it’s only the big corporations we read about.
But the stories we don’t hear about on the news are the ones about the amount of cybercrime attacks on small businesses. A 2019 report found that there was a 424% increase in 2018 compared with the previous year of new breaches of small businesses. And the figures haven’t improved since.
Hearing the term ‘data breach’ doesn’t always tell us what the real implications are of such an attack on a business. Some of the most significant ramifications can include revenue loss, loss of intellectual property, damage to your brand’s reputation and substantial fines.
But for people like you, the business owner, it’s important to have some basic knowledge of how a cyber attack is orchestrated in the first place, to help you understand what it’s going to take to stop it.
Now you’re aware of some of the consequences a data breach can have on your business, it’s important to have some basic knowledge of how a cyberattack is orchestrated in the first place; to help you understand what it’s going to take to stop it.
So, how do hackers hack?
It’s not like you see in the movies. Hacking is difficult and takes careful planning, and stopping hackers can take even more time.
Hacking is a complex topic, mostly because there isn’t one straight hacking approach. There are many different ways hackers can target your business using all sorts of hacking tools and programs.
One of the more common types of hacking you might have heard of is malware. You can be exposed to malware by downloading a link or file from an email or a website that’s specifically designed to get you to download their files. Hackers set up these websites and emails so they can target many businesses at the same time. Malware is used to compromise your system and steal any available information which can be used against your business and your customers.
Here are 4 of the more common types of malware:
Viruses are designed to get into your system to change, copy or even destroy information held there.
Spyware works by running in the background of your system and can spy on you through your microphone, webcam or see every website you view. This means any confidential information you might be discussing could be overheard and used against you.
This type of malware is designed to open ‘backdoors’ in your system so the hacker can access all of your sensitive information and files. Trojan malware can look like legitimate software that you might download onto your computer.
This one is a bit more complex. These programs are designed to record your keystrokes so that the hacker can work out your passwords, even credit card information. So if they can see you typing in the same keys first thing every morning, it’s a reasonable assumption that this could be a password which they can then use to hack your system.
The 7-step process of hacking
There are mainly 7 steps (or phases) to hacking. Keep in mind not every hacker will follow these in sequential order or undertake every step.
1. Putting together a strategic plan
That’s right, even hackers plan. Before they launch an attack, they first identify the best ways to exploit a vulnerable target. It only takes one single point of entry to get started, so the hacker could target anyone in your organisation.
Phishing is a common type of cyber attack tactic used at this stage where the hacker sends an email (loaded with malware) to one or multiple people in your organisation.
2. Getting acquainted with your weaknesses
After the hacker has identified their target, the next thing they need to do is identify a weak point in the business. They accomplish this by scanning an organisation’s network with vulnerability scanners to find ways to get in. This step can take weeks, or even months.
In fact, cyber attacks can be ‘nesting’ inside a network for an average of 200 days before being discovered.
3. Gain access and activate plans
Once the weaknesses in the target network are identified, the hacker will be able to gain access and have the opportunity to escalate their plans. At this stage, they will need to find a way to gain privileged access, so they can move freely within the business environment. They use tools that help them ‘hash’ these details and steal credentials to get admin access. Once they reach this stage, they essentially have full admin control over your entire network.
4. Unauthorised data transfer
With the freedom to move around the network and gain access to your data, they can extract it, change it or erase it. Examples of data cybercriminals might be after are usernames, emails, credit card information, passwords or sensitive documents from your own company. With this information in hand, they can perform fraud using your customers’ details and other nasty tricks, such as emailing employees further scams or selling your information to competitors.
5. Buying more time
The attackers might want to return so they find a way to keep their unrestricted access to your network by secretly installing malicious programs. This enables them to return as many times as they want to keep extracting data.
PowerShell Empire is a tool hackers use to allow them to continue to exploit your business once they’ve gained access. Using this tool, they can escalate privileges (meaning they can grant themselves access to everything), take credentials of your works and steal information from your business.
6. Brute force or assault
This doesn’t happen in every cyber attack but when it does occur, things get nasty quickly. With full access, the hacker will alter or completely disable business hardware, effectively leaving your business defenceless.
7. Leaving no fingerprints behind
In most cases, hackers want to hide their tracks. In some cases, they want to leave a ‘calling card’ behind to boast about their success. If they do the former, they create a trail that is aimed at confusing or misleading the forensic examination process. Hackers will use techniques such as log cleaners, spoofing, zombied accounts or trojan commands to put investigators off track.
Now you’ve got the overview of how hackers find ways in, you can take steps to prevent this from happening.
- Ensure all software and business networks are up-to-date and secure, always;
- Make sure every employee has formal cybersecurity training and knows what to do in the event they come across something suspicious;
- Instill best practices and processes around cybersecurity in your business.
If you’re not sure where to start, eWAY’s Merchant Trust Initiative is offered to every customer. It guides you through all the steps necessary to boost your business security and remain one (or two) steps ahead of a potential hacker.