Cautionary measures and cyber security

What measures should be taken to protect computers from hackers? Rob Joyce, the head of the team of hackers from the National Security Agency (NSA) talked about this at a cybersecurity conference held between January 25 to 27 in San Francisco.

Rob Joyce leads the Tailored Access Operations group (TAO). This group is the NSA hacker team who must break into the computer systems of the opponents of Washington, according to wired.com. He started working with this team in April 2013, a few weeks before the scandal triggered by Edward Snowden and the leaking of classified information to publications such as The Washington Post and The Guardian.

Advertisements
Advertisements

Joyce has admitted that the fact that a hacker is invited to give a lecture about the methods he uses is a bit bizarre.

According to Joyce, hackers don't target the management of an organization, they target the network administrators and other people who access the network. In this way, the hackers ensure their complete access to the online content in a more discreet way.

Also, the NSA hackers are looking for passwords hardcoded in software or transmitted in the clear, especially in the older security protocols. No computer vulnerability is too little to be exploited by them. For example, if a particular application in the network is not working as it should, and the company that made the computer system asks you to let the application open on weekends so their IT experts can solve the problem, this could be an invitation to hackers.

Advertisements

Anyway, the hackers are always testing the permeability of the systems which they try to enter.

Vulnerabilities and methods

There are other vulnerabilities that can be exploited by hackers. One of them includes the personal devices placed by employees in an agency, a company, or a government department which connects to the network from the organization.

The heating and acclimatization systems of a building can also be attacked by hackers. Joyce explained that hackers generally don't have many problems in accessing networks. This happens because they devote so much time to learn the networks that are showing interest for them. Therefore, they get to know the network even better than those that manage it. He added that people would be surprised to learn what huge differences may exist between what they think is efficient and what really is.

Firstly, acces to the network must be limited to as few people as possible. It's good to give access only to the people who really need to access the information. Then, networks and sensitive data must be segmented.

Advertisements

In this way, the information will be less accessible to hackers. The systems must receive security patches regularly. It's also recommended not to use hardcoded passwords or protocols that send passwords in the clear on the network. Also a device such as an "out of band network tap" is very useful. Such a device tracks any activity or any suspicious activity on the network, so this is a real nightmare for hackers.

#News