Modern Hack and Modern Chaos

Modern Hack and Modern Chaos

Today, most companies have systems used to provide IT units and their own internal virtual services. In fact, services such as structures (e-commerce, virtual customer communication systems) brought by the modern trade concept are located on these servers.



While every company maintains all its information assets on these servers, since the digitalized structures are located on these servers, the company must protect these servers and its information structure. These are topics you will know and can easily guess. However, the subject we want to talk about is modern hacking and new modern chaos that companies experience.

Namely, after the hackers reached the company server, according to their own purposes;

- To grab all the information and then erase all the data from the digital media to the company

- To encrypt all files on the server (created with their own passwords) by encrypting the files with crypto software (making them unusable, unusable and readable) from the digital media to return the files to their original state.

- Cloning all the information and leaving the company with news on this subject to sell commercial and financial information to competitors.

- Just delete (troll) all information

-Take the server into a zombie-computer and make the computer work for its own purposes. (The server continues to run normally for other jobs, but begins to perform illegal tasks given by the extra hacker.)

- Stealing and distributing licenses of software on the server


They were carrying out many purposeful attacks in the form of ... However, measures were taken against the problems we learned from them over time. Systems have improved on security and system users have been informed about "user vulnerabilities". Systems were taken against the problems that caused long-term or momentary problems as above, and aggressive people started to be followed with tracking systems. Over time, many hackers who were attacked with these old methods were deciphered and accounted against the laws of the country concerned.



Nowadays, while simply defending the attacks; Unfortunately, they still continued to improve in hackers. But because they do not scatter as much cyber-terrorism as before, they simply look for systems that are not sufficiently secured every day with IP scanning and system stalker worldwide. However, even now, as well as changing the security missions of the companies, they went on to update the mission and vision in the attackers. By now damaging the system or the user, the principle of "manipulate the system and run away" has become widespread rather than directly indicating that an attacker "attacked" the system. Because instead of creating a certain big chaos, movements that seemed small and harmless began to attack in a very short time. Thus, instead of being detected in the short term, by being able to remain more confidential,it is appropriate for them to remain hidden in the long term and to leave them in other problems that cannot be solved. To explain by example;


When the attacker accesses the system, delete the entire database; By activating some triggers, it will be determined immediately who is doing this process and where. The system can be recovered very quickly with the backups taken at any time in response to the deleted information. Since he knows that this hacker will give himself away in his slightest mistake, he is proceeding with a different method. For example, imagine that the company has access to the e-commerce system; The company will sell a product at a loss to hundreds of customers who have benefited from this campaign, without the knowledge of the company.

The company will lose due to the sales it has made from this campaign and there will be a very difficult road options to choose from.

-The company can cancel sales and customer will lose satisfaction.

The company will announce that it has been attacked, and customers will no longer lose their trust in the security of this company.

- The company accepts the sales, continues the sales at a loss and punishes this vulnerability; it just loses sales and loss of labor at a loss.


...and such.



However, there is a situation that needs attention. When did the attacker come in? When did he make changes? Maybe this record that he had taken years ago was only effective today? From where exactly and in what way? Can he still enter? It is very difficult for the company IT to find the answers to these questions. They will spend hours studying rooms full of logs and records, perhaps months.


So could it be worse? Of course, there is always worse. Think; If the hacker added an illegal product to the e-commerce site, and when the hacker or a regular ordinary person told the security units (police, courts ...) about this site, he would face a legal crime complaint and a public reaction on behalf of the company. In fact, this company will never operate again. Even if the crime is legally recognized, the company has now come to an end because it is badly reflected to the public.


After this long text you will ask;

So what is the hacker's profit in modern time? While he used to be able to make money with extortion or data theft in the past, he couldn't earn any benefit in his current activity? So why?


The answer is simple;

We can not always say that they attack with a certain purpose of profit or logic. It can go from very complicated topics, from attacking just for fun or from being shown as a target to the competitor. But basically they take great care not to disrupt the principle of their concealment, regardless of the target and purpose of the attackers. Because they know that when they do, the laws will ask them for an account.


Various news and sources;

https://www.bbc.com/news/technology-53445090

https://www.zettaset.com/blog/data-integrity-attacks-data-manipulation-more-dangerous/

https://www.cloudmask.com/blog/is-data-manipulation-the-next-step-in-cybercrime

https://onedio.com/haber/16-maddede-internette-saati-10-dolara-kiralanabilen-siber-ordular-gercegi-435279

https://tr.wikipedia.org/wiki/Zombi_bilgisayar

Contact/Address