In November 2020, Cybersecurity Ventures predicted that global spending to combat cybercrime would grow by 15% per year and reach $10.5 trillion by 2025. IBM claims it takes an online business 280 days to detect a data breach. Imagine how much damage hackers can do during this time.
Cybersecurity is important for any business that works with information, customers and databases. It allows you to protect intellectual property, preserve the reputation of the brand and assess the vulnerability of the network. Let's talk about proven tools that warn about online threats and help protect the system.
How to assess network vulnerabilities on Linux
When targeting the IT infrastructure of a business, hackers most often attack the network, gaining access to all corporate computers at once. To do this, they use automated tools. To counter cybercriminals, organizations often hire so-called "white hat hackers." These cybersecurity specialists analyze the system, carry out penetration tests, determine which vulnerabilities allowed a hack to happen, and propose a strategy to improve the IT infrastructure.
At the same time, there are many publicly available tools that will show problem areas. So, to assess the vulnerability of the network perimeter, we will use Kali Linux.
Kali (1st tool) is a Linux distribution that contains more than 600 tools for assessing information vulnerabilities. With it, you can conduct a basic audit of the network yourself. Kali is supported on i386, amd64 and ARM platforms (both ARMEL and ARMHF). It requires a minimum of 20 GB of disk space, 1 GB of RAM (preferably 2 GB), and a CD/DVD drive, a USB drive or VirtualBox. By the way, Kali Linux can even be installed on an Android smartphone.
The most popular Kali Linux tool, NMAP (2), or Network Mapper, collects information about the system: hosting, IP address, operating system and the number of open ports. It also tests whether the system's firewalls can be breached and whether spoofing is possible, that is, disguising malicious software as an ordinary user interface in order to gain control over personal data. Nmap also has an installer for Windows, but it officially no longer supports Windows NT, XP and 2000.
A Wi-Fi connection often attracts hackers. Aircrack-ng (3) will help you assess network security. The utility is not limited to monitoring: it also allows you to run a test attack on WEP, WPA 1 and WPA 2 networks. It will show which wireless attacks the router will withstand and which it will not. By the way, this tool works not only on Linux, but also on Windows, OS X, FreeBSD, OpenBSD, NetBSD and Solaris.
Another tool, THC Hydra (4), will conduct a test hacking attack. You can assess the security of more than 50 protocols, including telnet, FTP, HTTP, HTTPS and SMB, and evaluate vulnerabilities in databases. The tool is used for intrusion testing of web scanners, wireless networks and firewalls.
How to protect a WordPress site?
According to Kinsta, hackers most often compromise sites based on WordPress templates in the following ways:
- backdoor: a malicious program, an application for hidden access to a desktop or laptop, which is deliberately embedded by a developer or hacker;
- pharma hack: malicious code exploits vulnerabilities of WordPress sites and Joomla documents to raise a site belonging to a hacker higher in the Google search results;
- brute force: guessing a password to gain access to the site;
- redirect virus: unauthorized redirection of a user from your site to another;
- cross-site scripting (XSS): the most common vulnerability found in WordPress plugins; injected scripts allow a hacker to send malicious code to the user's browser;
- denial of service (DoS): errors or bugs in the website's code are exploited by a cybercriminal to overload the online portal with so many requests that the resource stops functioning.
If you have created a business website on WordPress, we recommend that you check the vulnerability of the resource using WPScan (5). The program will provide information about the plugins installed on WordPress. You will learn which of them threaten your security and which you can't get rid of. To scan the website for vulnerabilities, you need to get a free API token from the WPScan site.
In the free version of the program, you can make 25 API requests per day; beyond that, the number depends on the price and goes up to an unlimited number of requests (2000 euros per year). However, this is the only difference between the demo and the paid version: the testing of plugins, themes and classifications is the same in both.
How do I secure my network?
For those who do not want to use Linux but plan to protect the network from hacker attacks, there is an alternative: NetStumbler (6). The program runs on Windows and analyzes Wi-Fi connections that use the IEEE 802.11b, 802.11g and 802.11a communication standards. NetStumbler is used to find the network configuration of the access point (AP), to detect the cause of penetration into the system, to find out the strength of the received signal and to deal with unauthorized access. If you've set up a wireless connection in the office or at home, it's a good time to check the security of your network. In this case, NetStumbler will show the Wi-Fi coverage area, as well as devices that tried to use your connection without authorization.
If you have a newer router, such as an 802.11ac model, install NetSpot (7). The free version of the utility provides a basic analysis of the Wi-Fi connection: the SSID (network name), the MAC address of the router or wireless access point, current signal strength, bandwidth, the channel used, the type of cipher and the standard mode used for the network. The paid version contains many visual tools and charts for analyzing vulnerabilities and showing how the wireless network is functioning.
Scanning web applications
In its simplest form, Burp Suite (8) makes it easy to scan a web application for vulnerabilities. To do this, users select the "Website Scan" option. But for an online business, that's not enough. Therefore, the utility's advanced functions are used to test whether the system can be penetrated. At the recon stage (collecting data about the system), the Proxy tool is used to analyze the history, the site map and the content. In the Content Discovery mode, you can find information from an application or exploits that can be used by cybercriminals, for example, utilities or plug-ins that collect your personal data. And with the help of the Custom Discovery function, Burp Suite will detect bugs and vulnerabilities among files and directories.
A detailed review of the Proxy history will identify the actual requests that need to be analyzed. You can then probe unexpected web app requests using the Burp Repeater feature. And with Burp Intruder, you can check exactly how hackers would exploit the application's problems.
Burp Suite also analyzes who can access the application and how this is most easily done. With the Compare site maps function, you can identify functionality that is presented to one user and not available to another, and see what the information looks like for a low-privilege audience.
In addition, Burp Suite detects data leaks in the site map and CSRF (cross-site request forgery) vulnerabilities, the latter through a test attack built with the CSRF Generator tool.
How do I encrypt content?
Any information you share with customers can be stolen, including databases that collect information about real and potential customers, and subsequently used against you. Therefore, in an online business, it is important to "envelop" documents with special encryption (in the language of vulnerability assessment specialists, to "make crypt files").
We all encounter encryption when, for example, we go to blocked sites using a VPN. We change the location for search engines, choose a geolocation that is different from the real one, and hide the IP address from prying eyes. In fact, you can encrypt not only the online connection, but also any document, temporarily becoming “invisible”.
VeraCrypt (9) will help you encrypt content. This free application is in the public domain and is available for Linux, Mac and Windows. The utility will encrypt the system disk, a USB drive, and even a file container. By installing VeraCrypt, you will protect your personal data from viruses, information leaks and DDoS attacks (hacker attacks meant to bring the system to failure). You just have to choose a resource with valuable information and encrypt it.
How do I recover my personal data?
Information leaks damage the reputation of a business. In May alone, according to the calculations of IT Governance, 115,861,330 incidents related to the theft of customer information were recorded.
Therefore, you should always have a tool that will prevent data leakage and restore personal information. The Acronis Cyber Cloud platform combines several features:
- backs up data;
- recovers information in databases after hacking;
- synchronizes files and contains a digital signature feature.
Acronis Cyber Protect Cloud (10) has a built-in AI-driven ransomware protection utility. Acronis Cyber Disaster Recovery Cloud provides the security of a collaborative management workload, which is critical to the success of your business. Acronis Cyber Files Cloud allows you to share files in a secure mode to prevent hacker attacks and data leakage. Finally, Acronis Cyber Notary Cloud makes it possible to handle electronic document management for documents that contain critical information. The program is based on blockchain technology, which ensures the anonymity of users and the confidentiality of information.
The realities of our life are such that you always have to protect your business from someone. In the 1990s, we faced racketeering; in the 2000s our country was flooded with raider seizures; and in the last ten years the world has learned what cybercrime is, and it is gaining momentum every day. Contrary to the stereotype, it is not only corporations and holdings that suffer. According to statistics, 40% of online attacks are aimed at small and medium-sized businesses: online stores, auctions, service sites. At the same time, not everyone can afford a professional audit of an Internet resource conducted by cybersecurity specialists. But, having installed the basic programs described above, you will be able to evaluate vulnerabilities, find exploits, and protect the network, computers, Internet of Things devices, accounts and cloud platforms. If you own a business, do not solve problems as they come; prevent risks and stop threats at the root.