There is a shift in the way cyber-criminals are targeting organizations. The methods of mass phishing and hacking are making way for more directed and personalized attacks. They carefully select their targets and craft convincing messages. However, that takes much more time and preparation. To make up for that, they now use automated techniques to carry out attacks. How can you protect your organization from this emerging threat?



The New Kind of Hacker

The age of automation started over a century ago, offering many business opportunities for organizations. Unfortunately, the cybercrime world has now followed suit. In the past, hackers were highly-skilled enthusiasts, making for a small community. They did their own extensive research and wrote their own tools and code, taking days to implement a successful attack.

Nowadays, the entry barrier is lower, making the cyber-criminal community larger. Instead of each hacker creating their own tools, software and frameworks are now shared and (ab)used by more hackers.

The new kind of hacker uses publicly available information (also known as OSINT = Open Source Intelligence) to create a profile of their target. Examples are information taken from the company website, third party websites, social media, news platforms, powerful search engines, publicly available presentations such as Prezi, etc. This is used during the reconnaissance phase of an attack, or to impersonate an organization’s VIP, for example. The tools used to collect (scrape) the necessary intel have become more powerful and efficient, and many more are available.

Automating these processes delivers structured overviews of an organization’s vulnerabilities. All steps of the cyber kill chain can be automated, letting script hack by itself. Collected information can also be used to create highly convincing profiles of organizations’ VIPs. The more convincing a profile is, the more likely victims are going to fall for it. The days of the Nigerian prince scams are coming to an end.

How Can it Affect You?

What are the practical uses of automated hacking, and how can it affect your organization? Using tools such as Shodan, hackers generate an extensive overview of internet-connected devices such as your webservers, but also security cameras, webcams or printers.

For example, In Sweden, someone used automated hacking tools to discover public webcams near a harbor. With that footage, they could monitor and identify submarines going in and out of the port. They could calculate how long the submarines had been deployed, what their range would be and where they could have gone. This doesn’t take a team of IT specialists but can be done by anyone.