Simple Hacker Techniques for Compromising Network Security

Safe and productive remote computer access for employees

With the proliferation of mobile devices, high-speed internet, virtualization, and cloud services, the attack vectors against network security are greater than ever before. However, one of the keys of a succesful attack strategy is to do the opposite of what is expected; rather than focusing on the difficult, high-tech, high-visibility targets, an attacker may opt to use simple and fairly timeless techniques to get a foot in the door, and then slowly penetrate further past defenses. These techniques do not require sophisticated bot infections or complex social engineering. War Driving With the number of publicly accessible Wi-Fi networks on the rise there is an alarming number that are not secured. Of course, free-easily accessible Wi-Fi is a draw for hospitality businesses that wish to draw customers, but unsecured Wi-Fi is the target of a deliberate technique called War driving. This is the practice of driving through locations gathering information about unsecured Wi-Fi networks, usually aggregating it and exploiting it with special software. Though this action is technically not an attack and is technically legal, it is a basic step towards exploiting networks. Its name, by the way, comes from the next item on the list. War Dialing War dialing is the practice of automatically dialing through every permutation of a phone number in an area searching for modem connections. It was originally called “hammer dialing” or “demon dialing” until the film “War Games” popularized it. Given the history of this technique, you would probably think that it is no longer relevant. However, this is not the case: the introduction of voice over internet protocol (VoIP) in business environments has led to new capabilities of war dialing over VoIP. This technique is actually a good lead in to the next topic. Voice Phishing An attacker that has gained access to a list of legitimate numbers can use the public’s trust in traditional land lines to perform an attack to collect sensitive information from a victim. This problem is actually compounded by VoIP systems as they make calls more difficult to trace.