k_Street Consulting, LLC Blog
5 Security Analogies to Help You Better Understand Hacking
How often do you read a blog article about network security only to be blown away by all of the overly complicated and confusing jargon of the industry? We know that it’s not necessarily your specialty, but it’s still important that you understand how network security works for your organization. While the complicated details should be left to IT professionals, we can help you better understand the general idea of security by comparing it to a locked door.
Brute Force Attacks
Let’s say that a robber wants to break into your home. He will try to go through a door, but he might not have the keys required to get in. In this case, he will have to use everything at his disposal to get in. He might try to kick the door down or smash a window. In other words, he’s getting into your house by brute force.
Brute force in computing can consist of a hacker trying to use as many passwords as possible in a short period of time to get in. There are programs that can randomly generate countless passwords in seconds, making this method of attack quite devastating when it’s effective.
Social Engineering
Let’s say that you have a new neighbor on your street. They ask you over for dinner and you get to know them. You feel like you are getting along with them quite well--well enough to trust them to water your plants while you’re out of the state on vacation for a few weeks. You give them a key, but when you come home, all of the plants are dead and you’re missing some furniture or technology. Yup, they’ve robbed you--you’re sure of it.
Social engineering takes a calculated approach to hacking and data theft. Hackers will make personalized attempts to steal your passwords and information by taking on the identity of someone you think you can trust with this information, like an “old friend” or “your elderly grandmother.”
Security Exploits
Robbers may try to find weak points in your front door. Maybe the door doesn’t quite lock all the way due to a defect in the manufacturing process. In this case, the robber may research what the weak points of the door are so that they can know the best and most efficient way of getting past your defenses.
Security exploits are weaknesses in software on your computer that allow hackers to sneak into your system and get into all sorts of trouble. These can range from weaknesses in the way that sensitive information is handled, to particular lines of code that create problems for your organization. Ultimately, it only takes a single crack in your defenses--a security exploit--to allow a hacker into your infrastructure.
Trojan Horse
Someone might knock on your door and tell you that something within your household is in need of repair. Maybe they know that you have a leaky faucet that needs to be addressed, or they know that you have some concerns about your furnace. They are then invited into your home and go about their business. You may then notice that you’re missing important items afterward, hinting that the off-the-street good Samaritan was, in reality, a scammer.
Trojans work like this in many ways. Just like the Greek horse of old, a Trojan sneaks onto your system and plants a backdoor, allowing for secret re-entry at a later date. Often times, a Trojan will use a larger data breach to mask its presence, and then continue to steal information in small doses as time goes on.
Two-Factor Authentication
Two locks are better than one in most circumstances. For example, you can have one lock on the doorknob and another on the deadbolt, which keeps the door fastened in place even if the door is forced open near the doorknob. Basically, having two types of locks makes it twice as hard to get to anything of value.
Two-factor authentication can be used to provide this secondary credential to your digital assets, including online accounts or network logins. A secondary code can be sent to an email address or mobile device, which allows your employees to access important information only when both of these are present.
Does your organization need help with network security? k_Street Consulting, LLC can help. To learn more, reach out to us at (202) 640-2737.
Comments