Hacking

Hackers want to get into your computer systems and use them for their own purposes. There are many hacking tools available on the internet as well as online communities actively discussing hacking techniques enabling even unskilled hackers to break into unprotected systems. Hackers have a range of motives; from showing off their technical prowess, to theft of money, credentials or information, or to cause damage.

Mitigation of a hacking attack can be achieved by routine security management processes combined with intrusion detection. A network intrusion detection system can monitor traffic and alert an administrator to misuse or anomalous behaviour while a host-based intrusion detection system can monitor key system files and memory structures and alert an administrator if they are accessed or changed. Intrusion prevention systems can block attacks and prevent changes to software components. Network-based intrusion detection and prevention systems can be very useful weapons in the fight against hackers.

The way that these work typically is to match signatures that identify malicious code in network traffic, with the possibility of blocking its source. There are also specialist host based intrusion prevention systems that stop malicious software from misusing computer memory. These are certainly worth investigating, but the impact of these technologies on business functionality needs to be assessed by the organisation.