What attackers are looking for
When choosing a target, cybercriminals look for a range of weaknesses in people, processes, and technology that they can exploit to execute successful hacks or fraud. Here are some of the most common things that cybercriminals leverage to plan the attack on their next victim.
An attacker will research every online system, including websites, email and application servers, remote access portals, CCTV systems, and even building management systems.
Using their tools and techniques they can quickly identify out-of-date or forgotten systems which are easy targets. Breaching these systems can cause business interruption, or be leveraged to gain access to secure networks.
CyberProfiler uses the same open-source tools and integrates them to detect vulnerable systems that cybercriminals will leverage should you be targeted. For example, we apply the same tools used to hack this building management system belonging to Google.
Website data and social media
When identifying targets, attackers search for companies that do not invest heavily in technology; an indicator of weak security. They also look for individuals that could provide a way into an organisation by compromising personal email or social media accounts.
We identify services the attackers can see, their versions, and your perceived technology expenditure. We will also scan for fake social media accounts, websites and domains impersonating your organisation.
Attackers leverage insecurely configured domain and mail server settings to breach or phish information from businesses and individuals. Phishing is the fraudulent practice of sending emails that appear to be from your company. Cybercriminals impersonate your staff, misleading employees into revealing passwords, downloading malware or scamming customers into paying fraudulent invoices. Domain misconfiguration can allow attackers to send emails that appear to be from your domains, making it hard for a victim to detect or prevent fraud.
The CyberProfiler service actively checks the configuration of all the services associated with your organisation. We will notify you if we discover a configuration that an attacker can exploit. We will also actively search for recently registered domains that appear to be similar, as attackers might also use these to impersonate your business.
Many businesses needlessly advertise information about technology, staff and processes that enable attackers to execute successful attacks or convincing scams. Information gathering is a crucial step to pulling off an effective hacking campaign, and unfortunately, many businesses make it too easy for attackers to collect the information they need.
We will verify that you are not sharing unnecessary information such as staff details, third-party vendors, or technology versions. We will also ensure that private company processes and policies are not accessible to potential attackers.
Previously breached data
Attackers regularly search and do business on darknet markets and forums for existing data stolen from your organisation. The sellers of this data know it can be leveraged, and the buyers specifically purchase it as part of a plan to attack and to scam their victims leading to fraud, reputational harm and significant stress for victims.
As part of our service, we actively search underground forums and black markets for your organisation's data. We notify you if anything regarding your organisation surfaces. Such data includes user accounts, hacker forum and message boards, intellectual property, and other sensitive data.
Avoid being a criminals next target
Attackers scan the internet for businesses with common vulnerabilities that can be leveraged to reach their ultimate goal. As a result, a very high degree of security can be achieved through understanding what attackers look for, and how your organisation is perceived.
Our monthly report provides companies with exclusive insights into how cybercriminals will leverage their specific weaknesses. We will enable businesses to have an active defence, identifying vulnerabilities before attackers do. Our findings are summarised in a concise monthly report for technical and non-technical executives, and should clarification be needed - we are available to provide consultation.