Publications
Partners
Cape Town - Most hackers today do not write the code themselves; rather they copy-and-paste attacks from an elite group of cyber criminals, says a security expert.
"Most 'hackers' are really just riding on the shoulders of others when it comes to breaching a target", Drew van Vuuren, CEO of information security and privacy practice at 4Di Privaca, told Fin24.
The skill level of cyber criminals has been highlighted following large scale breaches of major corporations and even government agencies.
However, Van Vuuren contends that most hackers simply copy the correct code and conduct a cyber breach on a major institution with the available tools.
"So many automated tools; scripts packages exist nowadays on the web for download that a true 'hacker' is a rare beast. Saying that, I would venture that there are a small handful of truly skilled individuals who have the capacity to pull of such a breach."
Strategy
Despite the proliferation of copycat hackers, persistence of an attack is one of the main reasons that many are able to compromise organisations.
"Targeted attacks are very difficult to prepare for, and very difficult to stop, and the main reason for this is time. A focused attack can take as much time as the attacker wants, which probably means they will try until they get in", said Philip Pieterse, senior security consultant at Trustwave.
He argued that the best strategy for network administrators was to build layers of security rather than hope for one single defence.
"The best a company can do is to put layers of security controls in place. And try and keep the cyber criminals out as long as possible, hopefully until they lose interest and move on."
But while cyber intrusions are easily identifiable, hacking via social engineering is far more difficult to counter.
Some cyber criminals are able to defeat security layers with the inadvertent help from workers. When employees click on a link in an e-mail, download an application from the web or even grant someone with fraudulent credentials access to a machine, the system could be compromised.
"Social engineering is also very difficult to prepare against, as the typical corporate user needs to undergo Security Awareness training. So it is not just the network admins that need to be prepared for an attack like this", said Pieterse.
One security professional told Fin24 that a company found itself compromised when a hacker posed as a server room cleaner and was granted access and left unsupervised.
Attitude
Van Vuuren insisted that in addition to the determined hackers, some South Africans' attitude to security is lax at best.
"It is a well-known fact that there are pockets of excellence in the local market where the admins rank alongside the best in the world.
"Unfortunately they are extremely rare and on the whole, I would say that systems in South Africa are more susceptible to compromise due to the fact that security in general is not a priority for organisations due to it being a grudge purchase."
Major breaches like the attack on MasterCard, eBay and US retailer Target have put security professionals on notice that cyber criminals have the skills and capacity to pull off targeted attacks.
However, despite SA being on the periphery of the global stage, a number of high profile attacks have illustrated the need for a co-ordinated response to cyber threats for both organisations and individuals.
"Add to this the social engineering aspect and the unique challenges one faces by living in South Africa and there is a recipe for compromise, one just needs to find the soft underbelly of sysadmins and exploit them accordingly," Van Vuuren added.
Watch this video on why some do not take the threat of cybercrime seriously:
- Follow Duncan on Twitter
