
Hacking Trends 2014: Hackers Actually Clean Up After Themselves



By: David Ellis
VP, Investigations
CISSP, QSA, PFI



Will security ever surpass cybercriminal sophistication?

In my 27 years of law enforcement and forensic investigations, I’ve seen the gamut of criminal techniques. The cleverness of hacking methods has risen steadily for the past 10 years. I’ve seen sophistication levels rise, and watched security’s attempts to follow.

In the past year, hacking trends have emerged that both intrigue and alarm me.

What a forensic investigation used to look like

Most of the breaches I investigated in 2008 were extremely messy. Hackers would get into the system, rip out a bunch of card data, and leave evidence of their data burglary everywhere. In essence, broken windows, documents strewn across the floor, overturned chairs, jewelry stolen – the whole Hollywood theft scene.

Hacking trends: now, hackers cover their tracks

Over the years, hacker takedowns by law enforcement proved that having the Pacific (or Atlantic) Ocean between a hacker and his targets didn’t necessarily insulate him from arrest, so hackers became smarter.

In 2014, hackers take their time to do a better job of intentionally avoiding detection. They encrypt card data before transferring it out of a system, erase or modify security logs, and often leave few traces. They run malware from RAM instead of the hard drive, where it often goes undetected by most anti-virus software. Forensic investigators still manage to find evidence of breaches, but the remnants of evidence are much smaller and require a more detailed examination to locate.

Instead of the obvious overturned coffee table and wide-open filing cabinet hacking methods of 2008, today’s hackers are making the extra effort to conceal their activities.

What can we learn from these hacking trends?

Hackers are getting smarter than our automated detection tools. They’re developing new ways to hack faster than we can create ways to defend against them. It’s a fact of life that security will always follow the vulnerabilities. We will always be behind hackers because development is limited by personnel, budgets, time, regulation, etc. A hacker’s only limitation is his brain capacity.

Hackers can spend weeks, months, or years trying to defeat security controls that, at the time they were developed, were amply secure. When a system is successfully exploited, developers go back to the drawing board to produce a fix. Unfortunately, I don’t see this pattern changing anytime soon.

Sure, some may believe their new product is impervious to attack. I imagine the folks that developed WEP encryption probably thought that as well.


Don’t worry, the sky isn’t falling

Hackers typically go after the weakest link in the chain first. Weak links exposed to secretive hacking methods lead to longer time spans between initial breach and detection, which means more compromised credit cards and higher fines. Observe PCI DSS regulations, and follow other security tips to avoid being the weakest link.

David Ellis (GCIH, QSA, PFI, CISSP) is VP of Forensic Investigations at SecurityMetrics with over 25 years of law enforcement and investigative experience.
