With the global cost of data breach well on its way to reaching the projected $2.1 trillion for 2019, the cyber-crime gold rush is on. But, unlike oil, gas, gold and diamonds, the amount of data processed over the internet daily continues to rise – and the wells are not projected to run dry. So, who are these modern-day prospectors and how do they go about mining your hard-earned data? Some names are well known, like notorious WikiLeaks creator Julian Assange (AKA: Mendax) or the Anonymous hacker group responsible for hacking Amazon, PayPal, Sony and dozens of government agencies - but there are countless others operating globally, and while the results of their activities are widely publicized, their processes are a closely guarded secret – until now.
Last week’s 2019 Sangfor Innovation Summit played host to white-hat hacker, Karthik Raghuram Sundar, ITA Manager for KPMB Management & Risk Consulting in Malaysia, as he explained and then demonstrated, “A Day in the Life of a Black Hat Hacker.”
Hackers expect employees of large corporations to congregate in coffee shops with their laptops where they can get a quick caffeine jolt, escape the monotony of the office. While (smart) companies use a VPN to encrypt company data, workers personal data is often not encrypted – and the helpful free WIFI at the coffee shop of choice is the perfect way to gain access to glean log-in credentials from busy employees. After a few days relaxing in a coffee shop sifting through employee information, a hacker will usually have access to a minimum of a web-based email account, which is then used to identify employees with access to the company’s finances. A quick targeted spear phishing attack is launched in an attempt to infiltrate this new account and in turn, root access to the company databases.
Hackers can now work from home to sift through contact information, credentials and personal information of employees, customers, vendors and staff – essentially slipping out of that coffee shop with the keys to the kingdom. Selling this data online in exchange for untraceable cryptocurrency is a breeze, and as Mr. Sundar says, “You just got owned!”
Mr. Sundar then did a live demonstration of several hacking techniques – turning audience members devices against them to the amazement of an astonished crowd of IT professionals from across the APAC region, Europe, UAE and the Americas.
As more traditional methods of VPN encryption and firewall are useful in a controlled office setting, employees are becoming more mobile (and in need of caffeine), meaning new protection methods sorely needed, for example, Sangfor’s newest Security Solution Endpoint Secure.
Endpoint Secure enables organizations from small to large to identify and protect against 0-day malware & Advanced Persistent Threats (APT) using advanced AI detection and protection. Endpoint Secure also prevents the spread of ransomware and other APTs throughout the network. In conjunction with the AI-enabled malware/APT detection of Engine Zero, cloud-based threat intelligence platform, Neural-X, and Sangfor’s Next Generation Firewall, NGAF, Sangfor Endpoint Secure prevents the east-west spread of malicious activity by blocking suspicious or unauthorized network communications.
Why Sangfor?
“We are very excited to offer the advanced features of Endpoint Secure. Not only does Endpoint Secure integrate with the entire Sangfor Security Product line, providing state of the art end-to-end protection, it significantly increases ROI by making it easier to manage many thousands of agents either on-premise, in the cloud or both” said Jason Yuan, VP, Product and Marketing for Sangfor International. “With better behaviour-based data available to users, organizations can develop strategies for mitigating the incursion of ransomware and other APT threats. By building comprehensive behaviour profiles of endpoint processes, applications and communications, organizations can reduce the risk of breach by APT. This product will further help our customers reduce risk and save money using a security solution that is unified and easy.”
Founded in 2000 and a publicly traded company as of 2018 (SANGFOR STOCK CODE: 300454 (CH)), Sangfor Technologies is the global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com and get in touch with Sangfor Technologies – or visit us at an upcoming Sangfor event! Also, look out for more on our series of Network Security, Cloud Computing and Infrastructure Optimization inspirations from our most recent Sangfor Innovation Summit 2019.