Hacker attacks are nothing new in the 21st century. Although our company does not specialize in protection from information thieves, we have to take such “attacks” into account. Because all data going through our proxy and VPN passes through an encrypted tunnel, it is extremely hard for that data to leak. You can read about the advantages of our service (unlimited traffic, no logs, compatibility with all types of devices) in other sections of the website. The goal of this text is to serve as an introduction to information security for people who fear becoming victims of a hacker attack.
Signs of hacking
If we leave aside the file-encrypting viruses (ransomware) that are growing more popular every day, we can say that the goal of the majority of hackers is a targeted attack that lets them steal the data they are particularly interested in. Here are the “symptoms” that can be a sign of a break-in into your system:
- New files. Users generally suspect a hacker attack when they notice unrecognized files on the system disk. This is no surprise: once hackers have established access to your network, they start transferring their “tools” there. You can search for such files with the help of Sysmon, a free program by Microsoft, and other tools designed for such tasks.
- Data breach. One of the “grey” resources that hackers use may already hold your stolen data. To check, you can use a tool that searches for leaked corporate information. A widespread option is DeHashed, but you can also use Breach Aware.
- Flawed performance. If you notice “anomalies” in the performance of your devices (for instance, unknown processes or a rapid increase in network traffic), it can be a sign of hacking. In this case, we recommend using programs aimed at finding such deviations, for example Security Onion Suricata (a free, open-source tool).
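As an added illustration of the “New files” check (not code from this page or from Microsoft), the Python sketch below triages Sysmon FileCreate events (Event ID 11) and reports newly written programs or scripts in directories where they are unusual. The event XML is constructed sample data, and the extension and directory lists are assumptions to adapt to your own environment.

```python
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# Assumed triage policy: program/script types and directories worth a second look.
RISKY_EXT = {".exe", ".dll", ".ps1", ".bat", ".vbs", ".js", ".scr"}
WATCHED_DIRS = ("c:\\windows\\temp\\", "c:\\programdata\\", "c:\\users\\public\\")

def make_event(event_id, image, target):
    """Build a constructed event in the XML shape Sysmon logs (only the fields used here)."""
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID></System>'
            '<EventData><Data Name="UtcTime">2024-01-01 10:00:00.000</Data>'
            f'<Data Name="Image">{image}</Data>'
            f'<Data Name="TargetFilename">{target}</Data></EventData></Event>')

# Constructed sample log: four FileCreate events (ID 11) and one FileDelete (ID 23).
SAMPLE_EVENTS = [
    make_event(11, r"C:\Windows\System32\cmd.exe", r"C:\Windows\Temp\svc_update.exe"),
    make_event(11, r"C:\Program Files\Editor\editor.exe", r"C:\Users\alice\Documents\notes.txt"),
    make_event(11, r"C:\Windows\System32\wscript.exe", r"C:\ProgramData\cache\run.ps1"),
    make_event(11, r"C:\Windows\System32\svchost.exe", r"C:\Windows\Temp\install.log"),
    make_event(23, r"C:\Windows\explorer.exe", r"C:\Users\Public\old_tool.exe"),
]

def parse_file_create(xml_text):
    """Return the EventData fields of a FileCreate event, or None for any other event."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "11":
        return None
    return {d.get("Name"): (d.text or "") for d in root.iterfind("e:EventData/e:Data", NS)}

def is_suspicious(fields):
    """True when a risky file type was written under one of the watched directories."""
    path = PureWindowsPath(fields.get("TargetFilename", ""))
    return path.suffix.lower() in RISKY_EXT and str(path).lower().startswith(WATCHED_DIRS)

def flag_new_files(events):
    """Return (time, creating process, new file) for every suspicious FileCreate event."""
    hits = []
    for xml_text in events:
        fields = parse_file_create(xml_text)
        if fields and is_suspicious(fields):
            hits.append((fields["UtcTime"], fields["Image"], fields["TargetFilename"]))
    return hits

if __name__ == "__main__":
    for hit in flag_new_files(SAMPLE_EVENTS):
        print(" | ".join(hit))
```

Each hit names the process that wrote the file, which is the first thing to check when deciding whether the new file belongs to legitimate software.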
We would like to draw your attention to a few basic details that you can deal with before turning to a professional:
- Ransom. It is not recommended to interact with the criminals asking for a ransom. There is no guarantee that your data will be deleted after they receive the money.
- Primary measures. It is better to act in advance. Data backup is the best way to prepare for a cyber-attack. If you suspect a data breach, contact cybersecurity professionals. If the situation is critical and there is no time to contact professionals, we recommend unplugging your devices. But remember that turning the servers off will destroy the evidence that is stored in RAM.
- System protection. A commercial protection product (antivirus) will reduce the risk of hacking. However, you should understand that none of the existing products guarantees full information security; that is why you need to build your own specialized security system that fits your individual situation (there are no universal answers). We recommend turning on two-factor authentication on your corporate email for all employees (systems based on a physical token or an app that requests login approval are the most effective). We also recommend using open-source tools made for hunting for hackers’ traces in the network (Velociraptor is one example) and looking into programs for log analysis (Graylog2, Wazuh).