You May Be Breached and Not Know It!

January 25, 2018 by Chiragh Dewan

Covering the webcam and mic on your laptop has become standard practice since people discovered that hackers can access the webcam without the indicator light turning on. According to Microsoft, it takes a corporation an average of 200 days to realize that it has been hacked and another 80 days to contain the breach, costing an average of $12 million per attack.

Last year, an image of Mark Zuckerberg went viral showing that he, too, had covered the webcam and the mic of his laptop with tape, suggesting that no matter who you are, you can never be too careful. In this article, we will talk about small details to keep an eye out for that can help determine whether you have been compromised.

[Image: Mark Zuckerberg covering his laptop’s mic and webcam with tape]

Here are 10 things to look for that can help you determine whether your system has been compromised. The list mixes points that apply to web servers, personal systems, and office environments:

  1. File Structure: Whether it’s your personal/office system or a server, if you notice a file that you don’t remember creating, files that have been moved around, files in the recycle bin that you don’t remember deleting, or any other change within your file system, it’s always recommended to scan your system for malicious files that might be harmful.
  2. Unknown Processes: It is good practice to periodically go through the processes that are running on your system. Any unknown process that is running should be immediately closed down, and the system should be scanned afterward.
  3. Scanning External Drives: Most of us have a habit of using our friends’ or colleagues’ external drives, such as pen drives and external hard disks. Since we cannot be sure how they use those drives or where the data they have stored on them came from, scanning an external drive before using it is an excellent way to stay secure.
  4. Downloading files from the internet: The most common way of being infected by a virus or malware is downloading files from an untrusted source on the internet. Songs, pirated software, and cracks for software are some of the most common file types through which systems are compromised.
  5. Opening emails from unknown sources: In recent years, spear phishing attacks have been the number one cause of people being compromised. It is advised to only download files from trusted email addresses. If you have doubts after reading the content of the email, check the sender’s email address carefully.
  6. Regular updates: Updating third-party software/applications along with the operating system is a recommended practice. There’s a reason companies actively send out security updates: critical vulnerabilities may be found in previous versions, which can allow an attacker to take control of your machine entirely. While you are at it, do not forget to update your anti-virus as well.
  7. Checking Logs: Periodically checking your server logs can give you great insight into unauthorized logins, multiple login failures from a remote location, traffic from an automated tool, or whether the log files have been tampered with.
  8. Monitoring data leakage: Checking the security controls on a regular basis will help the security team maintain control of the network. Periodically checking users’ internet content to locate any private data that might be available for public viewing is a recommended measure. This measure would also allow the security team to monitor whether an employee is leaking any sensitive data.
  9. Having Strong Passwords: Having weak passwords makes you vulnerable to various attacks, which can lead to loss of sensitive data along with the possibility of your entire network being compromised.
  10. Tracking your data: Being aware of how and where your data is being transferred from one place to another would help eliminate a lot of loopholes. Automating specific protocols would make sure that the data is only going where it is supposed to and is safe.
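
An added example for item 7 (Checking Logs), not part of the original article: a short Python review of sshd-style authentication lines that flags repeated failures from one remote address, a successful login that follows them, and out-of-order timestamps as a hint of tampering. The sample log lines, the threshold of 3, the year, and the function name `review_auth_log` are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in OpenSSH syslog style (documentation address ranges).
SAMPLE_LOG = """\
Jan 25 03:10:01 web1 sshd[811]: Failed password for root from 203.0.113.9 port 40112 ssh2
Jan 25 03:10:03 web1 sshd[811]: Failed password for root from 203.0.113.9 port 40114 ssh2
Jan 25 03:10:05 web1 sshd[811]: Failed password for invalid user admin from 203.0.113.9 port 40120 ssh2
Jan 25 03:10:09 web1 sshd[811]: Accepted password for root from 203.0.113.9 port 40131 ssh2
Jan 25 08:30:12 web1 sshd[902]: Failed password for alice from 198.51.100.7 port 51514 ssh2
Jan 25 08:30:20 web1 sshd[902]: Accepted password for alice from 198.51.100.7 port 51520 ssh2
Jan 25 07:59:00 web1 sshd[950]: Accepted publickey for deploy from 192.0.2.44 port 60022 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def review_auth_log(text, threshold=3, year=2018):
    """Return findings: brute-force sources, logins after failures, time regressions."""
    failures = defaultdict(int)
    findings = {"many_failures": [], "success_after_failures": [], "time_regressions": []}
    previous = None
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # not an sshd authentication line
        # syslog timestamps carry no year, so the caller supplies one (assumption)
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        if previous is not None and ts < previous:
            # entries out of order can mean lines were removed or spliced in
            findings["time_regressions"].append(lineno)
        previous = ts
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
            if failures[ip] == threshold:
                findings["many_failures"].append(ip)
        elif failures[ip] >= threshold:
            findings["success_after_failures"].append((ip, m["user"]))
    return findings

if __name__ == "__main__":
    for kind, items in review_auth_log(SAMPLE_LOG).items():
        print(kind, items)
```

A single mistyped password followed by a successful login (the `alice` lines) stays below the threshold and is not reported, while the backward jump in time on the last line is.
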

Chiragh Dewan

A creative problem-solving full-stack web developer with expertise in Information Security Audit, Web Application Audit, Vulnerability Assessment, and Penetration Testing/Ethical Hacking, as well as previous experience in Artificial Intelligence, Machine Learning, and Natural Language Processing. He has also been recognised by various companies such as Facebook, Google, Microsoft, PayPal, Netflix, Blackberry, etc., for reporting various security vulnerabilities. He has also given various talks on Artificial Intelligence and Cyber Security, including at a TEDx event.