By Charles Leaver

Recognizing data leakage: You may have already been attacked

Earlier this month, the Federal Bureau of Investigations announced that they had the ability to effectively hack into the webcam of any computer without the user’s permission or knowledge.

According to Mirror, the FBI has had this capability for years, however the organization’s former assistant director, Marcus Thomas, said agents “mainly” utilize this strategy for counterterrorism efforts. Thomas also said that this trend is poised to expand within the current technological environment.

“Because of encryption and because targets are increasingly using mobile devices, law enforcement is realizing that more and more they’re going to have to be on the device,” Thomas told the source. “They’re going to have to use these types of tools more and more.”

This announcement has created new worries for both individual users and larger organizations, including concerns that they may have already been infiltrated by cybercriminals without realizing it. This can present a serious issue when it comes to data security, as the faster administrators respond to data leakage, the better. For this reason, it is important that managers and employees look for signs that can alert them to a possible infiltration and work to mitigate these risks.

Symptoms of cyberattacks
According to InfoWorld contributor Roger Grimes, if users begin seeing suspicious or clearly fake antivirus messages on endpoints, it could be a sign of malware infection. Many of these notifications will offer a free virus scan of the device, by by the time this window appears, it may already be too late.

“Clicking No or Cancel to stop the fake virus scan is too little, too late,” Grimes wrote. “The malicious software has already made use of unpatched software, often the Java Runtime Environment or an Adobe product, to completely exploit the system.”

To prevent further infection, when a window of this type appears, the user should power down the system. Once this is done, the individual can reboot the device in safe mode and try to uninstall the malware.

Additionally, if employees notice that their Web searches are being redirected to suspicious pages, the system may be under attack. Grimes noted that cybercriminals are sometimes paid by driving Web traffic to specific endpoints, and they utilize malware to funnel clicks to these locations.

Furthermore, if users notice that their mouse seems to move on its own and make autonomous decisions, this is a sure sign that malware has infiltrated the technology. Grimes wrote that small movements of the pointer could be due to hardware issues, however, if the mouse navigates between programs and makes correct choices to run certain programs, malware is currently operating on the system.

Another sign that screams malware infection is if endpoint security programs, anti-malware or Task Manager applications are disabled and the user is unable to restart them. Cybercriminals include specific code in their samples to perform this function as a way to protect themselves and prevent detection. If this occurs, the device needs to be completely restored, Grimes advised.

The ‘why’ factor
In order to mitigate the risks of becoming a victim of data leakage, it is important that administrators understand why their business may be targeted by cybercriminals. Forbes contributor Ron LaPedis pointed out that no company is outside the scope of hackers.

“Don’t kid yourself: every company is a target,” LaPedis wrote. “Only the ‘why’ differs from company to company.”

The why factor can include a competing agency after the business’s customers, a hacker with financial motives, an activist group that doesn’t agree with the organization’s activities or a group after the technology being utilized. LaPedis also pointed out that one business may hold the key to infiltrating another. In this way, the primary organization is not necessary the target, but simply a means to an end.

Get the Blog Here