Think like a hacker: how to protect your business from cyber attacks

Businesses cannot afford to neglect cyber security. A recent report published by Beaming found that UK businesses are attacked online every 2.5 minutes, with the average firm suffering from 52,596 cyber-attacks between April and June 2018.

Small businesses are particularly vulnerable to these attacks, as a lack of security/training budget and expertise leaves many unable to properly protect their confidential information.

But all is not lost for mall businesses. The best way to defend your company from a data breach isn’t by investing millions in expensive software and data security experts, it’s by thinking like the person behind the attack in the first place – the hacker.

Hackers are crafty, opportunistic, and adapt quickly to challenges, but by placing yourself in the mind of one of the bad guys you can successfully anticipate their next move and level the playing field. Here are some top tips to help you think like a cybercriminal.

1. Preparation is everything

First, you understand how hackers go about their work. The process can usually be broken down into two stages:

  1. Exploration, and
  2. Exploitation.

The first stage involves scanning and testing your systems to discover interesting information that could later be used against your organisation.

The tools hackers use to breach and extract valuable information are vast, and they’re constantly evolving, making them pretty impossible to keep up with. They include:

  • Ransomware,
  • Phishing,
  • Trojans and
  • Bait and switches (when an attacker buys advertising spaces on a website which links to a page that’s infected with malware).

However, the one thing that remains constant is perhaps the most important stage to any hack: planning.

How hackers plan

All hackers will undertake some form of “footprinting”, whereby they try to learn as much as possible about the target organisation, including who the employees are and what systems and platforms they use. This information will often be mistakenly made public, whether through social media, forums, or even on the business’ own website.

Alternatively, hackers will sometimes gather sensitive information about a company by doing some DNS enumeration – the process through which a hacker gathers information about an organisation’s network by locating all the DNS servers and their relevant records for a business that can be later used for an attack – IP addresses, usernames, computer names, and etc.

With this knowledge, the solution SMEs should implement to make hackers stumble at the first hurdle is two-fold.

People are the weakest link

Firstly, small organisations should understand that the weakest link in any SME’s cyber defence efforts will always be its staff; human error is an inevitable part of every organisation.

Hackers know this and exploit employees’ mistakes to their benefit. If SMEs remain conscious of this fact, they can take the appropriate steps to limit any potentially disastrous slip-ups.

For instance, many employees may simply not be aware of the risks or consequences involved when accessing a public WiFi network when working on the go. Ensuring that comprehensive training is given to all new employees is a must.

Equally, existing employees should also be regularly tested on their knowledge of information security best practice. By mitigating the risk of easily-avoided mistakes, you will be well on your way to defending your business from hackers.

Protect against a DNS enumeration

Secondly, protecting against a DNS enumeration is always a good policy. Your DNS server is a computer that contains a database of your public IP addresses and their hostnames.

If it is not configured in a secure way, your network’s sensitive information can be put at risk. As such, it’s worthwhile for any SME to protect their network against this by configuring all name servers to disallow a DNS zone transfer to an untrusted host.

While this will not prevent the most advanced hackings, it will protect your network from the amateurs.

2. Expect the unexpected

The second stage in any hack is exploitation – gaining access to a system and maintaining access for further breaches in the future.

Hackers are some of the most creative people around. They constantly look for vulnerabilities in a system, especially if it’s by using something in a way that the web developer never intended. Hackers don’t just think outside the box – they throw the box out of the window.

If a developer only expects the usual paths of attack, such as DNS zone transfers and viruses, he or she will not implement protections against a more unusual path of attack.

Web developers should therefore take part in some penetration testing – the process through which someone launches a simulated attack on a computer system to find any potential weaknesses, including the more obscure ones.

There are experts whose job it is to test systems in this way, so if the budget stretches far enough, you should look to bring outside help.

Start with the most simple attack paths, as closing these off will easily deter less dedicated/patient hackers. Make sure to examine every element of the company’s network, including hardware, software, and protocols.

Proceed to thinking about more creative ways of gaining access to your system, which should start with reflecting on what a potential hacker might want to steal in the first place.

This will differ company to company, and some industries will hold more valuable information that others. By working this out, you will have a better idea of which areas to focus on and will have more success in finding secret paths that could have disastrous consequences.

3. Read between the lines

While small businesses can dramatically reduce their chances of being hacked by following the previous two steps, with enough dedication and skill a hacker will always have a chance at breaching a network and acquiring confidential information.

Once a cybercriminal has gained access, they will attempt to escalate their privileges in the system, allowing them to make changes to the network without the administrator knowing anything about it.

A hacker will then usually do two things.

Firstly, they will upload a piece of code that’s known as a “backdoor” – a secret portal that gives a hacker illicit remote access to the system that they can use to enter the system again the future.

Secondly, a hacker will cover their tracks to avoid detection by web developers, as well as to remove evidence of the hack that could be used against them in a court of law.

Log suspicious activity

The point to be made here is that by thinking like a hacker, SMEs will realise that any cyber security policy should include measures to recover from an undetected hack before a more serious one occurs.

Therefore, it is critical for businesses to regularly monitor their system logs to find suspicious activity, as well as making sure that the monitoring systems they use are updated to deal with the most innovative methods.

If either suspicious activity or a backdoor is found, your business has suffered a hack. You should immediately backup your website, as even though your site has been hacked, it could become much worse if not dealt with soon. By backing up your site, you can safely investigate what went wrong and try to find a way to close the backdoor.

If you make a mistake during your research and set off a virus which escalates the issue, your backups will ensure that you can restore your site to where it was before you investigated the backdoor. It’s not a perfect solution, but it will help you avoid a significantly worse headache in the long-term.

Stay one step ahead

While the tools hackers use to breach systems are getting more sophisticated by the day, organisations are increasingly putting themselves in the mindset of the hackers to protect their sensitive information and operations.

Nowadays, cybersecurity is a high-stake game of chess, in which most businesses simply react to their opponent’s moves. However, those that take the initiative by thinking like a hacker to stay one step ahead will have a far better chance of checkmating the attacker.

This guide has been written for ByteStart by Darren Hockley , MD of eLearning provider DeltaNet International, which offers a wide range of courses for businesses including training on information security.

Last updated: 16th March, 2021

Superscript no-ties business insurance - pay monthly

Tailored just for you + pay monthly. You could be covered in just 10 minutes.

Combine all of your old pensions into one online plan

Sign up in 5 minutes - over 300,000 users, including the Bytestart team!

Tide Business Bank Account - £40 welcome bonus!

Exclusive for Bytestart readers + 12 months' free transfers. Find out more.

FreeAgent Online Accounting - 55% off - ByteStart exclusive!

Brilliant software. Get 55% of your first 6 months, then 10% for life.

Related articles

  • How to use Google Analytics to boost your online performance

    There are a million things to think about when you start a small business. Your website alone is a field of rabbit holes – content, structure, design, SEO, social media integration – down any one…

  • set up online shop

    4 benefits of partnering with an e-commerce firm

    There are now more online business ventures in existence than ever before. This only stands to reason, as we have already witnessed countless shoppers migrate to the digital community when purchasing everyday goods and services.…

  • cyber security tips and advice for small businesses

    5 cybersecurity quick-wins for start-ups

    You don’t need to be a multi-national enterprise to be an enticing target for cyber criminals. Half of small business owners experience at least one type of cyber-attack over a one-year period, research from Nationwide’s…