Web crawling search engines and online directories have made the retrieval of significant business information almost effortless. For clients and customers, finding your information has never been more convenient. For hackers and cyber-criminals, unfortunately for you, the same is true.
As companies put forth the effort to expand their online presence, they should also give the same effort to learn how hackers abuse the systems in place and form strict online privacy policies to defend themselves.
The Hacking Process:
The process in which hackers use (at least the ethical ones, aka. White Hats) is very well documented. Whether you read up on the process on the SANS website, at the EC-Council website, or in a book about ethical hacking, the first phase is always the reconnaissance phase. This is where hackers begin to learn a little bit more about you and your business. They may begin with your company website or perform a deep dive into online search directories to find out everything Google (and other search engines) have related to you and your business. You may be surprised what is found, you may have not considered public information.
Though you may view this as public information with little to no impact on your everyday business other than the marketing aspect of it, hackers see every piece of information as small pieces of a larger puzzle. Think of a hack job (if you will) as a 5000 piece puzzle. Every piece matters, some more than others, so some not so obvious details (pieces) can mean the difference between a hacker gaining access to your network in just under a week or not gaining access at all.
Once they completed their searches that may include results such as IP addresses, business locations, business partners, and email addresses, they generally move on to the scanning/foot-printing stage where they may begin probing those located IP addresses for information such as manufacturers and version numbers of your firewall or servers. All of which has the potential to be extremely harmful to your network infrastructure. These details not only reveal more about your infrastructure, but also reveal (with a little more research) its vulnerabilities.
If a scan of your network public IP addresses reveals a 2003 Windows Server that is a few patches behind, the hacker could read up on the missing patches and attempt to take advantage of what those missing patches are set to repair. Or even with a fully up-to-date 2003 Windows Server, the hacker can easily learn that on July 14, 2015 Microsoft will no longer be supporting or providing patches for its Server 2003 operating system. Meaning that future vulnerabilities found and patched for newer versions of Windows Servers may also exist in the older versions, increasing that servers overall risk to your network.
So what should you do?
When it comes to minimizing your footprint, knowing truly is half the battle. Knowing what can be found through proper reconnaissance and scanning of your network, both externally and internally are key to finding the proper solutions to protect your infrastructure.
Begin securing your online privacy by:
- Performing privacy changes on your public domain records to limit business visibility. With the registration of your online domain comes a set of public records that allow the public and computers to locate information associated with your web address if not properly secured.
- Keeping the business information you share online consistent. Consistency will minimize conflicts with what information about your business is allowed on the web. A company excel file is a great organizational tool for keeping a log of all your business information and directory listings.
- Implementing Intrusion Detection Systems and Intrusion Prevention Systems to scan your network and inform the proper personnel of unwanted visitors.
Protecting your business is a constant battle and there is no moment where your guard should be down. Do not let your own information be used against you by cyber criminals. Prevention is the start, but routine monitoring and penetration testing needs to be done to ensure your systems are prepared for an attack.