Hacking is having a moment. With the mostly realistic show Mr. Robot gearing up for a second season and The White House briefing the country on a new cyber incident coordination plan, cyber threats are being discussed nearly as frequently as politics these days. Even The Donald himself called upon Russian hackers.
So what does all of this chatter mean for worldwide cyber security intelligence? Well, the landscape is changing toward a more robotized (read: even more frequent) attack pattern on networks and data across the country.
Email phishing isn’t going away. In fact, with more cyber security attacks coming from within an organization than without, it’s never been more important to train every employee on common phishing techniques. Social Engineering Toolkit (SET) and other robotized systems for creating massive quantities of phishing scams from a single source, mean that every business in America likely gets multiple attempts per day.
Anyone who has ever looked through their spam folder knows what phishing emails look like, and yet thousands of successful attacks occur through them each month. By some accounts, phishing attacks have a 45% success rate!
In addition to fake emails, hackers generate fake websites with the same or similar tools. Always examine websites for “typos” before clicking on them, and definitely beware of websites contained in emails (even from seemingly trusted sources). Thousands of fake websites are created every day for the purpose of infecting networks and computers.
Bluetooth hacking tools like Bluesniff and Bluetooth Scanner (btscanner) are another growing category of cyber in-security. With the prevalence of bluetooth-compatible devices in phones, tablets and automobiles, cyber-attacks on everyday devices increase hacker access to multiple data sources. Bluetooth keyboards can give remote access to your device.
Devices do not have to pair with your BlueTooth device to access your digital data, but of course never pair with an untrustworthy device.
Speaking of everyday devices, a simple USB drive can be an access point for cyber security threats. Flash drive plugins and BadUSB have existed for years. Cyber security intelligence has had to continue to adapt to keep up.
You probably already know this, but never plug in a flash drive you have any uncertainty about. Also, never plug in to a USB port outside of your own device. For example, if you need to charge your phone, use your device’s charger and a wall outlet, not an unknown computer or other device that could have malware or a virus in waiting.
Another side-effect of our increasingly technologically-based society: automotive computers. Auto manufacturers use computer technology to manage everything from your car’s entertainment system to its transmission. Hackers have gained the ability to control a car remotely, which left manufacturers scrambling to patch the zero day attack. It is possible that hackers could find another way to gain access remotely to personal vehicles in the future. While Google develops the self-driving car, cyber security intelligence must keep pace with technological advancement.
An Increasingly Isolated Society
A show like Mr. Robot exploits the duality of the digital age through the eyes of hacking: while society makes it possible to live an increasingly isolated life, hackers gain access to such intimate life details as what we view online, what our driving record looks like, what we purchase, and even our health records. Nearly every piece of information is stored digitally somewhere and in the cyber black market, information all has a price.
Yet none of these hacking methods, or even criminal exploitation methods, are truly new. After all, the more things change, the more they remain the same. Cyber security intelligence, however, must evolve faster, at the rate of commerce, to keep up with the plethora of attacks worldwide.