Hacker Tactics Cybercriminals Use to Exploit Us Through Our Tech
The world of technology is ever-changing. It can be hard for individuals, and even businesses, to keep up with new advancements and the benefits and risks they bring. But cybercriminals are determined to stay on top of everything. They continuously find new ways to use our technology against us, or even to exploit us directly. The hacker tactics they employ are wide and varied. But knowledge is your best defense.
See Hacker Tactics with John Hammond for a complete transcript of the Easy Prey podcast episode.
By day, John Hammond works as a security researcher for cybersecurity company Huntress, where he analyzes malware and tries to make hackers’ jobs as hard as possible. On the side, he shares education and training. He has a YouTube channel where he puts out informational videos regularly. His goal is to help people get smarter around cybersecurity so they are prepared to confront malware, scams, cyber crime, or anything else out there.
As a kid, John wanted to make video games or be a Hollywood-style hacker. Cybersecurity was never his plan. But he attended the Coast Guard Academy, which was a military academy. In the military, it’s cool if you can do programming and develop software, but then next question after “Does it work?” is always, “Can it be exploited, taken advantage of, or compromised?” This line of questioning led John to the idea of cybersecurity – how someone could break into programs, and how they could be protected.
Interacting with Cybercriminals
To the best of his knowledge, John hasn’t yet fallen for a scam or been a victim of a cybersecurity incident. But often it’s hard to tell. He has certainly seen attempts. Some cybercriminals try to set up sponsorship deals or partnerships with his YouTube channel and it turns out to be malware or an info stealer that would grab all his passwords and credit card information.
John likes to think he has the know-how not to fall for it. Instead, when he sees those attempts, he analyzes them and shares it with others for educational purposes. In some cases, doing this has gotten a couple cybercriminals angry at him. One host of a cybercrime forum attempted to doxx him. Fortunately for John, they got the information wrong.
An Explanation of Doxxing
With the internet, a certain extent of it is anonymous. You can choose your handle or alias, and you’re behind a keyboard and screen so nobody can see you. There is a level of anonymity available there.
Say someone has ill intent, is angry at you, or wants to get revenge for something. One method they could use to do that is “doxxing.” When someone doxxes someone else, they track down as much information about that person as they can. Real name, home address, phone number, mother’s maiden name, information about their parents, siblings, or children, sometimes even passport or driver’s license information will be included in doxxing. The upset party then takes this information and posts it publicly across the internet.
The victim has now lost their online anonymity. What the doxxer intends from the situation varies. Most often it’s just to make the victim feel unsafe. But there’s a possibility that people could come after the victim in real life. It can be extremely scary. Doxxing is generally not considered among hacker tactics because it doesn’t further a hacker’s goal of getting at your information or your money. It’s generally done by someone who is personally angry at the victim.
What’s Happening in Cybersecurity Right Now
Just recently, there was a new vulnerability discovered in a popular software program, Connectwise Screen Connect. If you’re a managed service provider or in that business, Connectwise Screen Connect is one of the apps you can use to remotely monitor and manage devices. When hacker tactics compromise that kind of software, it’s a big deal. It gives the hackers a lot of access to a lot of devices and information.
This compromise was given a CVSS severity score of 10, which is the most severe kind of breach you can get. A compromise that big can let a hacker execute code. Not only could a hacker do whatever they wanted on a compromised device, they could control all the other devices connected to it, as well. John was up extremely late trying to figure out what happened and how to stop it.
The Balancing Act of Cybersecurity
Much of cybersecurity requires balance. How much should people know about each breach? We want to make sure they’re taking the right actions – patching, updating, and installing security upgrades. Installing those patches and updates is one of the best things you can do to keep yourself safe from hacker tactics.
A lot of the installations when people manage their own [software] … that’s got to be patched manually. We’re screaming and shouting to make sure folks do that.
John Hammond
But for the experts, there’s a risk in putting out too much information about a threat. Sometimes, getting the threat indicators and compromise indicators out there will help hackers build their own exploits and do more damage. Even with patches, they can compare the old version to the patched version and see where the real vulnerability is. There’s a lot of nuance and balance involved.
One of the bigger factors in this decision is how easy or difficult it is to take advantage of a particular vulnerability. Some vulnerabilities require in-depth computer knowledge and complicated hacker tactics. Others just require putting a certain string of text into an input box or changing a few numbers in a URL. This varying degree of effort also makes this balancing act challenging.
Scammers Taking Control of Devices
We’re all vulnerable to scams and social engineering. These criminals focus their deception efforts on anyone, whether they’re tech-savvy or not, whether they know anything about IT or cybersecurity or not. This becomes especially dangerous when they contact people who aren’t familiar with the dangers. They could claim that the victim needs to transfer some money to take care of a medical bill or something, and now they’ve lost a lot.
Screen connecting programs are sometimes a vessel for that. Scammers sometimes try to get you to install a software like Teamviewer or Anydesk on your computer. These apps let them take control of your devices. And the worse news is that we put a lot of our personal, private information on our devices, whether it’s sensitive files or passwords saved in our browsers. If a criminal gets access to your device, they will have access to all of that.
Scammers want to install … applications that could give them control, and now they have access to the devices that we pour all our information into.
John Hammond
Who Should Get Remote Access to Your Device
John’s knee-jerk cybersecurity response to the question of who should be allowed remote access to your device is nobody. You should block any efforts to do so as best you can. But in some situations, that can change. If it’s a family member you trust, that’s okay.
No one should touch your computer. No one should remote into it.
John Hammond
Work is also another situation where someone might legitimately need to remote into your device. If your company has an IT department, they may need to remote in to install a patch or fix problems. The best thing to do in that situation is to validate it on your own. Contact a point of contact with the IT department that you already know to verify that they really need to do so. Or hang up on the caller and call them back from a number you know is genuine.
It can seem somewhat silly or paranoid. But doing those checks can protect you from the social engineering side of hacker tactics. It’s no longer “trust, but verify” – these days, it should be “verify, then trust.”
Just double check. Just triple check. And that pays in dividends if you’re willing to verify.
John Hammond
Demystifying the Dark Web
You may have heard of the dark web before – those shadowy corners of the internet where cyber criminals sell your data and share hacker tactics to exploit even more people. It has a certain mystique. You probably picture people in hoodies and Guy Fawkes masks hunched over shadowy laptops. But in reality, the dark web is just a different way to connect to the internet.
There is an internet protocol called TOR that adds a couple extra steps to connecting to a website. It actually manipulates the data you send between computers and adds a lot more anonymity and privacy. Anyone can use TOR to get on the dark web. But there is no Google for the dark web, and the websites are all long strings of random gibberish. You have to know where you want to go to get there.
If you’ve heard about the dark web, you’ve probably heard about it in the context of the sketchy or illegal things that are on it. Weapons, drugs, hardcore or illegal pornography, the list goes on. And that stuff is there. But it’s really hard to verify how much of it is real. Some of it could very possibly be cybercriminals trying to scam other cybercriminals. After all, if you tried to buy a bunch of illegal drugs and the seller took your money and never sent you the drugs, you’re not going to go report that to the police!
John likes to shed light on what’s going on in the dark web. There are definitely criminals sharing hacker tactics, but it’s really hard to verify what’s real. You should take it all with a grain of salt. That’s why John likes showing the truth to people.
John’s Strangest Dark Web Encounter
One of the things John does is try to make sense of threat actors and hacker tactics that aren’t scams. He wants to track their tools and techniques and know what they’re up to and what they’re talking about. So he frequently visits forums where these cybercriminals hang out and sell tools and data.
At one point, he particularly wanted to understand how hackers were weaponizing certain file types, like Windows shortcuts. He found out that there was a tool called Quantum Builder sold on the dark web that did it. So he reached out to the seller over Telegram and said he wanted to buy it. But in an embarassing mistake, he had forgotten to change his name on Telegram.
To his surprise, the seller responded positively. They said they were a fan of his YouTube channel, and offered to give him the builder for free. It was an incredibly strange experience to be talking to a cybercriminal who said they really liked his content, especially when his content was mostly about defeating hacker tactics and cybercrime. But as they talked, he realized that this seller, and many of these dark web software developers, marketplaces, and more are businesses. Yes, they’re doing criminal things. But they also have sales teams and operations teams, and the people who build the software are proud of their work and want to show it off.
Keeping Yourself Safe from Hacker Tactics
Protecting yourself from hacker tactics and the latest cybersecurity incidents comes down to two things. The first component is patches and updates. When cybersecurity professionals or software developers find a vulnerability in a piece of software that could let hackers in, they fix it with a patch or update. But if you don’t install it, you’re still vulnerable. It’s like closing your front door but choosing not to lock it. Sure, it will still function as a door. But if a burglar comes along, it’s not going to protect you.
The other step towards protection yourself is education, awareness, and knowing what’s out there. If you know what kind of threats and dangers to watch for, you will be better equipped to spot the risks early and take action. John tries to provide some of this education on his YouTube channel. “Scambaiters” like Jim Browning, Pleasant Green, and Pierogi are other YouTube channels that provide some education. They also go on the offensive to target the scammers back. But in the end, just knowing what could come at you can help you protect yourself.
You can find John Hammond on YouTube, where he talks about what he’s interested in and passionate about. Over the years, this has included programming, cybersecurity practice exercises and war games, malware analysis, dark web cyber crime, and chasing vulnerabilities. He tries to be practical and hands-on in his videos. You can also connect with him on LinkedIn or Twitter. Don’t hesitate to reach out – he would love to chat.
Related Articles
- All
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Networking Basics: Learn How Networks Work
- Online Privacy
- Online Safety
Choosing from the Best VPN Trials of 2024: Which One is Best?
Whether you are shopping for a VPN for the first time or you are ready to make…
[Read More]Guide to Types of AI Models and How They Work
When you think of AI (Artificial Intelligence) models, you may automatically think of generative AI like OpenAI’s…
[Read More]Adversary Emulation for Business Cybersecurity
Security risks are constantly changing. Projects start and end, employees leave and are hired, new tools replace…
[Read More]Should You Use Apple’s Lockdown Mode? Here’s What you Need to Know Before You Decide
With the releases of macOS Ventura and iOS 16 in 2022, Apple rolled out a new feature…
[Read More]Protect Against Ransomware by Planning for Ransomware
Ransomware is a huge cybersecurity threat, and it’s only growing. It’s especially a risk for businesses, but…
[Read More]PIA: Private Internet ACCESS
The Private Internet ACCESS VPN will deliver the security, performance, and online access most users want. Behind...
[Read More]