SUMMARY: Ed Wilson talks about additional ways a hacker gains access to a network.
In yesterday’s article I talked about a common way the hacker gets in … someone forgot to deny access. Today I will list other ways.
How does the hacker get in – a list.
The most important thing to remember about hackers is that they are not magic. Nearly all of the time, a hacker uses, or misuses, something that is already setup. For example, if a computer is unplugged from everything, buried in a six foot deep hole in the backyard, and packed in concrete, it is more or less secure from hackers.
The other important thing to remember about hackers is that nothing is certain. Given enough time and resources probably any system in the world is vulnerable.
The other most important thing to remember about hackers is that given unrestricted physical access to a computer, it is pretty much game over.
The cardinal rule is this: if a hacker gains administrator rights, it is game over – at least as most things exist today. There are some things some companies are working on to help mitigate or reduce the risk of administrator accounts.
So, here is a list of ways a hacker may get into a network:
- An unsecured modem – yes, don’t laugh. Some companies still have modems in use. They may be used for a remote office that only needs to upload sales information at night, but they are there. Typically, a modem used in such a scenario would not accept incoming calls – but hey, what if the salesperson configured the modem to accept incoming calls so he would access his computer at night or on the weekend, or so he could enter sales without having to come to the office.
- A website designed for corporate users to share information.
- A website designed for corporate users to access internal email systems.
- A system setup for network administrators to do remote administration.
- An old forgotten server that used to provide remote network access, but now neglected but not decommissioned because it was used by one important person who refused to upgrade to the current system.
- A website designed to share inventory and sales with business partners.
- A corporate presence website.
- An e-commerce web site that offers sales to the general public.
- A file sharing site used by corporate users that is exposed to the internet.
- A file sharing site, setup to provide customers with the ability to share files with the company.
Most of the above require a combination of a user name and a password. Some systems require a user name, a password, and a token. Two common tokens may be either a smart card (with a chip on the back of it) or a fob with changing numbers that synchronize with an internal system back on the network. These are obviously harder to hack, but because they are becoming more commonly used, they are also coming under more scrutiny by hackers.
The weakest point of access is one guarded with only a user name and a password. Tomorrow I will talk about how hackers get around those.