Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Hacker Habits: When to be On Guard



September 2, 2009 By

At the 17th annual DEFCON conference in Las Vegas, Nev., people from all over the world came together over one shared interest: hacking. The three-day conference is the largest IT security conference in the nation and this year over 10,000 people were in attendance. A small percentage of attendees were chosen at random to participate in a survey by Tufin Technologies about the habits of hackers. White hats, black hats, good guys, bad guys, bad guys working for good guys: you name it, they were there. The identities of the survey participants were kept completely anonymous to help preserve the validity of the responses. Here are some interesting finds from the survey:

During the Year

  • 81 percent of hackers surveyed said they are the most active during the winter holiday season
  • 56 percent said Christmas was the best time to engage in corporate hacking 
  • 25 percent said New Years Eve was the most ideal time for corporate hacking

During the Week

  • 52 percent stated that they spent the most time hacking during the weekday evenings
  • 32 percent stated that they spent the most time hacking during the work hours of a regular work week
  • Only 15 percent said they were hacking on the weekends

Firewalls

  • 86 percent of respondents felt they could successfully hack into a network via the firewall
  • 25 percent of these people said they could do this in a matter of minutes
  • 14 percent said they could do it in a few hours
  • 16 percent said they wouldn't hack into a firewall even if they could

Michael Hamelin, Tufin's chief security architect, said in an interview, "this may be obvious, but poorly configured firewalls remain a significant risk for many organizations. It's not the technology that's at fault, but rather the configuration and change control processes that are neglected or missing altogether."

Another alarming fact is that seventy percent of hackers interviewed don't feel that regulations made by governments worldwide to implement privacy, security and process controls have made any difference to their chances of hacking into a corporate network. Of the remaining thirty percent, only half said compliance initiatives have made their hacking more difficult and while the other half said they believe they've made it easier.

Hamelin said that these statistics further validate the frustrating gap between compliance and security. "It's like they can't see the forest for the trees," he said.

"Organizations become so wrapped up in meeting compliance regulations that security takes a back seat, instead of going hand in hand, as they should."

Another interesting find of the survey was that hackers usually release viruses on Fridays. They know that changes to applications and firewalls are generally made on Fridays and Saturdays which makes them more vulnerable to new virus attacks.

Finding patterns in the days and times hackers take advantage of will help organizations and agencies know when to be more vigilant.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All