
Trend Micro's three tips to catch a hacker

21 Mar 2017

It might be difficult to believe in the wake of ever-increasing stakes for businesses, but if you know what you’re looking for, you might be able to spot a potential hacker and an impending cyber attack.

Many organisations focus on attack alerts, but they don’t necessarily pick up attacks that are sleeping or are disguised so well that they’re happening under the guise of normal business transactions, Trend Micro says.

Hackers can leave their marks, even on their own social media platforms. Here are three quick ways attacks can be perpetrated, which can lead to catching the culprit red handed and to preventing attacks entirely.

What is the evidence?

Don’t believe the TV shows that trade on the myth of breaches being busted as they’re caught in the act. Today’s data breach systems can detect when an intrusion happens and mitigate the risk. This minimises risk and costs.

Sometimes hackers can go undetected, and it takes a combination of InfoSec analysts to look at the attack vectors, what the hackers did, what information was stolen and why it might be useful to them. This evidence can potentially track down the culprit and mitigate future attacks.

How many threat actors are involved?

EyePyramid was malware that stole 87GB worth of sensitive data from many countries including Japan. A brother-sister team was behind the attack, and it was their ‘quirks, habits and techniques’ that led to their downfall, Trend Micro says. Security tools can detect behavioural trends, which can allow breached organisations to uncover the sources behind the attack.

“Hackers can make simple mistakes by revealing too much about themselves,” comments Martin Roesler.

How to track social interactions 

Hackers often post too much information on places like the Dark Web, such as in the case of Limitless Logger which was used to disable security controls, record keystrokes and exfiltrate account passwords.

Trend Micro tracked the original author down just by looking at posts, which uncovered that “the culprit just completed the first semester in a university as well as contact details for Skype and PayPal accounts”.

After some detection, the hacker’s public social network details were found and Hackforum chat logs uncovered his real name.

Spelling errors could give the game away

Trend Micro says that last year the Bangladesh Bank spotted a misspelling that prevented a $1 billion heist - although the hackers got away with $80 million. When phishing, hackers can sometimes leave mistakes in content or URLs that could tip off users to potential attacks.

Final conclusion

Trend Micro says businesses can protect themselves by using cybersecurity tools and educating employees about being observant and reporting suspicious behaviour.
