Some cybercrimes are more whispers than shouts


Most hacking these days is carried out for financial gain—a marked change from bygone times when cyberthieves were more interested in gaining fame by publicizing their exploits. The lone hacker of yore has been replaced with organized groups that patiently plan and coordinate their exploits for maximum damage.

In some ways, this new approach to cyberattacks mirrors the old-school practice of gathering information through casual contact with employees, phone calls to the receptionist, interviews with HR, and personal contacts. Today’s cybercriminals have updated these historical tactics to penetrate network security and produce devastating results.

This makes cybersecurity solutions more important than ever.

Richard Boscovich, assistant general counsel of Microsoft’s Digital Crimes Unit, reported that today’s advanced attacks are more difficult to detect because the perpetrators are much more subtle in their methods. “You’re going to see small pieces of code infecting computers, and then little by little, those pieces will assemble as they go out to the internet. They’re going to be dormant there, and they’re going to be used for information collection,” Boscovich said.

Hacking made simpler but less effective

Hacking “kits” readily available on the dark web have turned attacks that previously required high levels of technical expertise into point-and-click opportunities for adventurous thieves. Even inexperienced hackers can download the software collections and install them on hundreds of unsuspecting websites.

The software then automatically collects information and sends it back to be sold. But this commoditization of hacking tools has made them much less effective for infiltrating larger organizations with dedicated security teams that keep patches current and take other security measures.

A more furtive type of attack

New attack methods are more sophisticated. As Boscovich pointed out, these attacks originate with small segments of code planted in different, unrelated areas of your network. The individual code segments by themselves don’t show up as malware.

The segments generally are added over time, making the threat less immediately apparent. The code segments can be functionally redundant but still different so that if one segment is discovered and removed, its function can be replaced by another.

Once all the code segments are added, the attack can be executed.

The main issue with this kind of intrusion is that while IT may have alerts in place that report on unexpected and unknown code, the warnings can go unheeded because the segments don’t appear malicious. Routine warnings can also be ignored if there is a high number of alerts.

The best way to protect against incremental intrusions is to stay current with software and operating system patches, subscribe to commercial cyberalert services, and invest in cyberinsurance. Find out more about how AT&T Network Security solutions can help guard your network against incremental intrusions and other types of cyberattacks.

Scott Koegler, Writer. Sponsored Post.

Scott Koegler is a technology journalist specializing in the intersection of business and technology. All opinions are his own. AT&T has sponsored this blog post.