By John the CEO
If you’ve been following mainstream news reports about allegations of Russians hacking U.S. election systems, and of a Nigerian operative hacking into a U.S.-based email system, you likely assume you know what hacking is, but chances are, you really don’t. And unfortunately, the major news organizations have not been very responsible in explaining what hacking really is. As I’ve explained to close associates, simply blindly accepting the word of top government officials in Washington that Russia hacked U.S. computers is not proof. Hacking is far more complicated than that, and any news agency with journalistic integrity should explain the details so that an informed public can reach a sound conclusion. This short article will try to demystify hacking and offer tips on protecting your business assets (mainly computers and phones) yourself.
I’ve worked in the computer field (software design and development) for many years. As such, in the IT world, hacking as the public knows it is actually broken up into two kinds of unwanted actions: hacking and intrusion/penetration. We usually associate hacking with some young computer geek who just randomly tries to break into computers for the fun of it, but has no real knowledge or sophistication to penetrate secure systems. For instance, randomly guessing someone’s password until you get it right is a form of hacking. This approach might work with the average person’s laptop or smartphone, but highly secure business and government servers are not this simple. Unfortunately, the news media has played on this confusion and has not cleared it up.
Moving beyond hacking, a sophisticated, well-planned operation to target a computer and penetrate its security takes time and is not always successful. Without getting into all the technical details, one of the hardest parts of computer intrusion is figuring out how to actually identify the location of that computer and what kind of operating system it is running. Without these minimal steps, it is impossible to penetrate a highly secure computer. To locate a computer anywhere in the world, you must first know its IP address, which is kind of like a phone number for computers. A random, unsophisticated hacker can try to randomly guess it, but it would take years to guess it accurately. A sophisticated intrusion expert would use various tools to try to acquire the IP address, but even then, he would still have to make sure that the address of that computer is actually pointing to that computer. Yes, this is a bit complex, so think of it like how your phone number can be re-routed to another phone that is not yours (called Caller ID spoofing). If you’ve ever used another phone number to keep someone from knowing your real phone number (women who have had to protect themselves from unwanted stalkers know about this), then the same idea applies here too. Here’s an example to explain:
Say you’re trying to break into a Washington DC computer and by using various intrusion tools, you figured out the computer you want to penetrate is “999.999.100.1” for example. Your next step is to make sure that this address is actually pointing to the right Washington DC computer. You use another tool, and find out it is actually pointing to a computer in Australia! What this likely means is that the computer in Australia probably belongs to someone who has already penetrated the Washington DC computer before you did. This is the problem with the Russian hacking allegations: those making the allegations have to offer proof that (a) the Russians have an updated list of IP addresses for every U.S. election system, and (b) that all of those addresses accurately route to those computer systems. Without this minimum evidence, there is no way to confirm the allegations, and like the faulty weapons of mass destruction allegations against Iraq, we’d be marching towards war with another country based on unfounded allegations.
Now that we’ve got the techno-politics out of the way, here are some ways to protect your key business assets from the kinds of intrusions mentioned above:
- Always use genuine antivirus software
- Do not open unexpected email
- Monitor your phone records for unknown phone numbers or unusual activity
- If you use Microsoft Office, plan to upgrade to Office 365 if you haven’t already, as it has better anti-spoofing features in it
- Use networking technology for your business computers or home network that has effective access control features to keep unwanted traffic off your network (IPv6 is better at protecting your network than the current IPv4 system, which is similar to the “999.999.100.1” example I used earlier)
If you have any questions, you can ask me by using Contact Us. You can get more info from the following sources:
https://www.symantec.com/connect/articles/ip-spoofing-introduction
https://en.wikipedia.org/wiki/Caller_ID_spoofing
https://blogs.msdn.microsoft.com/tzink/2016/02/23/how-antispoofing-protection-works-in-office-365/