Eli5: how do hackers infiltrate a random mid-size company?



I’m saying random mid-size to exclude hackers with heavy resources and motivation to hack said company. I would assume Microsoft, banks, Google etc all get heavily attacked every day. But like a random mid-size company for the average joe. How do they infiltrate e.g. their servers and take ransom of all their project files?


The weakest link in the chain is the humans. Most of the time this happens, it’s because somebody clicked on a sketchy email.

Most hacking is not targeted. That means hackers will simply scan the internet for insecure systems, such as server software that hasn’t been updated. Or they send out millions of emails with phishing links or trojans.

Sometimes the victim is going to be a grandma, sometimes it’s a hospital and sometimes it’s a mid-sized company.

Most “hacks” are really just social engineering exploits through well-known channels.

Fake the email header, send your target a link, see if they’ll click through and download the ransomware.

Fake the email header, send your target a “password reset” link, see if they’ll click through and give you their username and password.

Email your target a zip file containing malware, see if they’ll install it.

Call a receptionist or an admin and impersonate an employee looking for help; see if they will give out information about the company’s VPN or other sensitive information.

Call payroll, impersonate an employee wanting to make a change in their direct deposit or tax withholding, say you can’t use the company website, and ask to email them a file. Email them a malicious file, wait for them to open it.

Usually it’s by sending an email with malware in it. They open the email, and the malware gives them a foothold in the network they can exploit.

A really good one is to at least get into the email system this way, even if you can’t get any further. Just pick a high exec and start reading the emails. Learn the manner of writing, when they’re in the office, etc. Then you can send an email to the computer admins telling them to give “new employee” (you) admin access to the system.

Most attacks leverage humans, not breaking through the security software directly from the outside.

There are many ways this happens but one of the most popular is called social engineering. This is where the attacker pretends to be someone they’re not in order to gain access to the victim’s information. You’ve probably heard of the stereotypical “Nigerian Prince” scam. A Nigerian Prince has several assets frozen and only needs your bank account information to unlock. All it takes is one person stupid enough to fall for the scam in order to give away their information. The same thing can be done with passwords. A hacker will pretend to be a website they’re not in the hopes someone will input their information.
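
Several answers above describe faked email headers and "password reset" links; the sketch below is an added example, not part of the thread, showing how a mail filter or analyst script can flag those signals in a received message. The sample message, the `example.com`/`example.net` domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not from the thread); all domains are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.com
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@example.net
To: user@example.com
Subject: Password reset required
Content-Type: text/html

<p>Reset here: <a href="http://login.example.net/reset">https://example.com/reset</a></p>
"""

def domain(addr):
    """Lower-cased domain part of an address header value ('' if absent)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def spoofing_signals(raw):
    """Return a list of reasons the message looks like a forged-header lure."""
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    reasons = []
    # 1. The receiving server's own SPF/DKIM/DMARC verdict (Authentication-Results).
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1) in ("fail", "softfail"):
            reasons.append(f"{mech}={m.group(1)}")
    # 2. Replies or bounces go to a different domain than the visible sender.
    #    Weak on its own: legitimate bulk mail often differs here too.
    for hdr in ("Reply-To", "Return-Path"):
        d = domain(msg[hdr])
        if d and d != from_dom:
            reasons.append(f"{hdr} domain {d} != From domain {from_dom}")
    # 3. Link text displays one host while the href points at another.
    body = msg.get_payload()
    pattern = r'<a\s+href="https?://([^/"]+)[^"]*">\s*https?://([^/<\s]+)'
    for href, text in re.findall(pattern, body, re.I):
        if href.lower() != text.lower():
            reasons.append(f"link text {text} hides {href}")
    return reasons

if __name__ == "__main__":
    for reason in spoofing_signals(SAMPLE):
        print(reason)
```

A single signal rarely justifies blocking a message; scoring several together, with the DMARC verdict weighted most heavily, keeps false positives manageable.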