This article describes five types of hacker attack that people tend not to pay much attention to, as a reminder that they deserve the same attention as other attacks when building defenses, so that the risk of cyberattack can be further reduced.
I. Password theft
Password theft is raised again every year. However, few people learn the lesson and take practical action to solve the problem. This shows that the same security problem recurs every year, sometimes not because users do not understand it, but because users are unwilling to solve it as required.
Currently, many computer applications use passwords for identity authentication. However, because passwords can be stolen, guessed, brute-forced, or otherwise obtained by hackers, a network environment that relies on passwords alone for identity authentication faces a greater risk of intrusion and attack than one that uses multi-factor authentication.
In fact, a password is only a string that people enter through the keyboard. We must remember the password string we have set so that it can be entered correctly when needed. Generally, for security purposes, a password must be sufficiently long, for example a minimum of 8 characters, and sufficiently complex: it should contain uppercase and lowercase letters, numbers, and whatever special symbols are allowed.
Generating a sufficiently secure password is not difficult. Remembering it is, especially when it is longer than 16 characters. Moreover, passwords are needed in many places in day-to-day computer use. If every password is different and each meets the password complexity requirements, it becomes even harder for one person to remember them all. Therefore, many users use the same password in many places to reduce the burden of memorizing passwords of varying complexity. However, such a password can still be stolen by hackers through dictionary guessing or brute-force cracking, and once it is stolen, every service that uses it is no longer secure.
Unfortunately, people seem to turn a blind eye to these problems when using passwords. Some users still handle passwords in the following wrong ways, and these behaviors are the main reason passwords are so easily stolen by hackers.
The main causes of password theft include:
1. Using the same password for operating system logon, application access, network access, database access, and so on. Stealing that one password then gives a hacker every service permission that depends on it.
2. The user knows that a complicated password needs to be set, but to avoid forgetting it after a while, writes the passwords on a piece of paper, then sticks the paper on the wall opposite the desk or on the border of the monitor, or presses it under the glass of the desk so that it can be seen and used at any time. This keeps the user from forgetting the passwords and makes them easier to use, but it also makes things easier for hackers: they only need to find a way into the user's office space and can then obtain all of that user's passwords without any technical method.
Some users pay more attention to password security and record passwords only in a notebook, on a USB flash drive, or on other removable media, which they carry with them or lock away. However, if the media is lost or the user forgets to lock it away, the passwords can still be stolen by hackers.
3. Using insecure network communication methods, such as FTP, unencrypted e-mail, or instant chat tools, to send data containing passwords. Because these methods send data in plain text, a hacker with a network sniffer can intercept the packets and easily read the password.
4. Another cause of password loss is infection of the user's computer with a password-stealing keylogger Trojan, or with screen-monitoring or screen-recording software that captures soft keyboard input.
5. In addition, when a computer is used somewhere video surveillance is installed, a hacker who gains control of the cameras, or a staff member who happens to be monitoring them, can watch the keys the user presses when entering the password and work out the password characters from those keystrokes. This method of password theft is often seen in movies.
The problems listed above show how passwords come to be stolen. To reduce the security risks they cause, the best solution is to use multi-factor authentication, use a different password in each scenario that requires one, train employees to use passwords securely, and use secure network communication methods such as SSL, VPN, and OpenSSH for network connections. Users' network operations should also be regulated, and the probability of virus infection in computer systems reduced.
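A defender can check whether cause 3 above is happening on their own network by looking for credential commands on unencrypted service ports. The following is an added example, not part of the original article; the record format (source, destination, destination port, payload) and the sample data are constructed for illustration.

```python
import re

# Commands that carry credentials in clear text on unencrypted sessions.
CLEARTEXT_AUTH = {
    21: ("FTP", re.compile(rb"^(USER|PASS)\s+\S+", re.I)),
    110: ("POP3", re.compile(rb"^(USER|PASS)\s+\S+", re.I)),
    143: ("IMAP", re.compile(rb"^\S+\s+(LOGIN)\s+.+", re.I)),
    25: ("SMTP", re.compile(rb"^(AUTH)\s+(?:PLAIN|LOGIN)\b", re.I)),
}

def find_cleartext_logins(records):
    """Return one finding per client/server pair that sent credentials
    unencrypted. The credential itself is never stored, only the exposure."""
    findings = {}
    for src, dst, dport, payload in records:
        entry = CLEARTEXT_AUTH.get(dport)
        if entry is None:
            continue  # not a port we treat as a cleartext login service
        proto, pattern = entry
        for line in payload.splitlines():
            m = pattern.match(line.strip())
            if m:
                command = m.group(1).upper().decode()
                findings.setdefault((src, dst, proto), set()).add(command)
    return [
        {"client": s, "server": d, "protocol": p, "commands": sorted(cmds)}
        for (s, d, p), cmds in sorted(findings.items())
    ]

# Constructed sample payloads (documentation address ranges, made-up values).
SAMPLE = [
    ("192.0.2.10", "198.51.100.5", 21, b"USER alice\r\n"),
    ("192.0.2.10", "198.51.100.5", 21, b"PASS example-password\r\n"),
    ("192.0.2.11", "198.51.100.6", 143, b"a001 LOGIN bob example-password\r\n"),
    ("192.0.2.12", "198.51.100.7", 22, b"SSH-2.0-OpenSSH_9.6\r\n"),
    ("192.0.2.13", "198.51.100.8", 25, b"EHLO host\r\nAUTH PLAIN AGJvYgBleGFtcGxl\r\n"),
]

if __name__ == "__main__":
    for finding in find_cleartext_logins(SAMPLE):
        print(finding)
```

Each finding identifies a client that should be moved to an encrypted alternative such as the SSL, VPN, or OpenSSH options named above.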
II. Homework
This is not the homework that teachers assign, but the reconnaissance and information gathering that hackers outside our network carry out to understand the security barriers used by their target. In short, hackers concentrate on investigating the public and non-public resources of our network, collecting as much information as possible and analyzing it to work out which specific attack methods can be used; it is a continuous process. Because this process of collecting information about a target closely resembles ordinary study and research, it is called homework.
We all know that in war one must know both oneself and the enemy, and hackers know this too. When hackers set out to attack a specific target, they often spend 90% of their time studying the target network. The more detailed the information the hacker obtains, the easier the attack and the higher its success rate. Therefore, before attacking a target network, hackers spend a lot of time researching and collecting important information about it, so that they can arrive at a complete, workable plan of attack.
Today, hackers can easily obtain any information they want about the target network. Why?
The biggest problem is that most enterprises are still unclear about which data can be made public and which cannot, so they readily publish important enterprise-related information to the outside world, intentionally or unintentionally. With the free information these enterprises provide, hackers usually need to do only a little homework to gain, within a few minutes, a comprehensive understanding of the enterprise's organizational structure and how it operates. This gives hackers an important information base for social engineering or physical attacks.
However, many enterprises still pay little attention to controlling which internal data may be released to the outside. Below are some of the main ways in which enterprises disclose important internal information:
1. Some enterprises record the telephone numbers and other contact details of senior leaders and important employees in a contact list and issue it to each department, to make it easier for employees to reach their superiors. However, these contact lists are usually not kept carefully. They are left wherever any employee can easily get at them, and some are even taken home by employees. A hacker then only needs to pose as someone with a reason to be there, such as a take-out delivery person, to walk away with an employee's contact list and so obtain the company's internal organizational structure and contact information.
2. When registering a web domain name, an enterprise gives the domain name registrar authentic information such as the company name, location, the technical administrator's contact number, and the company fax number. A hacker who looks up the enterprise's domain name can easily obtain the important information the enterprise left there.
3. Some enterprises print an internal publication every month or every week to convey their business philosophy and foster a good corporate culture. Important information about business operations is sometimes published in these internal publications, but their distribution is not strictly controlled. Internal employees carelessly lose copies that carry important enterprise information, and copies sometimes circulate outside the enterprise unintentionally. This gives hackers an important way to learn about the enterprise's internal affairs.
4. An enterprise's operations always bring it into contact with other enterprises or organizations, and it sometimes leaves information about itself with them. Some enterprises are too casual about this and leave too much important enterprise-related information with various third-party organizations. These third-party organizations cannot guarantee 100% security for the data left with them, which allows hackers to obtain data about the enterprise indirectly through them.
5. Every enterprise has an employee roster that records information such as each employee's home address, home phone number, work experience, and family background. Some enterprises inadvertently put this information on the Internet, where hackers can easily find it simply by using search engines.
6. Some enterprises' internal physical defenses are inadequate, and some have no physical defense measures at all. This gives hackers the opportunity to obtain the information they need through physical access.
7. The company does not strictly control its employees' network operations. Some employees accidentally post important company information online, for example on blogs or forums.
8. An employee who is dissatisfied with a leader in the enterprise, or an employee who is leaving the company, intentionally leaks the company's internal information to the Internet.
The list above shows only a small part of the problem. Some enterprises leak even more information, so that hackers can obtain what they want without any further attack. For the target, if too much important enterprise-related information has been published in various public places, then by the time an attack is detected it will be too late, and the only question is the size of the loss.
To solve this problem, enterprises should strictly control what information may be published externally, standardize employees' network operations and other work behaviors, and establish a system of penalties. Third-party organizations that hold important enterprise information, such as administrative departments for industry and commerce, domain name registrars, and network equipment suppliers, can also be asked to modify confidential information related to the enterprise. Enterprises should strictly control the various kinds of information that will be published, such as press releases, notices, product launches, and e-mails, and try to reduce the amount of important information on the Internet. Only then will hackers be left without much useful information, which raises the security level of the enterprise.
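Item 2 of the list above, and the request to domain name registrars described in the previous paragraph, can be checked by auditing the enterprise's own domain registration record. This is an added example, not part of the original article: it assumes the common "Field: value" WHOIS text layout, the field-name fragments and redaction phrases are assumptions, and the sample record is constructed.

```python
import re

# Field-name fragments mapped to the kinds of data the article lists
# (company name, location, contact number, fax), plus names and e-mail.
SENSITIVE = {
    "organization": "company name",
    "street": "location",
    "city": "location",
    "phone": "contact number",
    "fax": "fax number",
    "email": "contact e-mail",
    "name": "personal name",
}
REDACTED = re.compile(r"redacted|privacy|not disclosed|withheld", re.I)

def audit_whois(text):
    """Return (field, category) pairs for contact fields that still hold real data."""
    findings = []
    for raw in text.splitlines():
        if ":" not in raw or raw.lstrip().startswith(("%", "#", ">>>")):
            continue  # comment, footer, or free text
        field, value = (part.strip() for part in raw.split(":", 1))
        low = field.lower()
        if not value or REDACTED.search(value) or not low.startswith(("registrant", "admin", "tech")):
            continue  # empty, already masked, or not a contact field
        for fragment, label in SENSITIVE.items():
            if fragment in low:
                findings.append((field, label))
                break
    return findings

# Constructed sample record; every value is made up.
SAMPLE_WHOIS = """\
Domain Name: example.com
Registrar: Example Registrar, Inc.
Registrant Organization: Example Widgets Ltd
Registrant Street: 1 Example Road
Registrant City: Exampleville
Admin Name: REDACTED FOR PRIVACY
Tech Name: Jane Doe
Tech Phone: +1.5555550100
Tech Fax: +1.5555550101
Tech Email: REDACTED FOR PRIVACY
"""

if __name__ == "__main__":
    for field, label in audit_whois(SAMPLE_WHOIS):
        print(f"{field}: exposes {label}")
```

Each reported field is a candidate for replacement with a role-based contact or for the registrar's privacy option.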
However, this method of protecting enterprise network security does not receive much attention. People tend to focus only on the remaining 10% of attacks by hackers, but no one pays attention to the security methods that can prevent the remaining 10 percent of attacks by hackers. This is also the main reason why enterprises spend a lot of money on security equipment yet are still attacked.
III. Use the default settings
When a hacker attacking a target network finds that its security devices or network devices are still running with the default values set by the supplier or vendor, no attack is easier. Currently, many attack tools and script-driven first attacks assume that the target runs in its default configuration. Therefore, one of the most effective but most often forgotten security precautions is simply to change the device's default settings.
If we use the "default password" or "defaultpassword" as the keyword in the Internet search engine, we will see