May 29, 2018
Slow Hacking (new form of threat that conventional systems can’t stop)
If you don’t know what slow hacking is and have a web-based business to protect, you are exposed!
Since we started using AI-assisted security tools, we have noticed peculiar behavior that goes undetected by any conventional tool in existence. Traditionally, hackers try to compromise hosts using scripts and, once they have some or all access, use the compromised hosts as the source from which to launch an attack. However, this method is becoming ineffective as security companies and ISPs crack down on the less secure hosts and either restrict them or block them altogether. Meanwhile, RUDY (stands for Are You Dead Yet) is becoming a buzzword of the darknet. Here is how the new technique is being deployed.
First, the hacker does a sanity check on the target host to learn which technologies it uses (e.g. Angular, NodeJS), which might give clues to API endpoints and URLs to access.
The attack consists of trying known usernames and passwords (taken from numerous dumps available on the open net), but triggering no more than 1-2 requests per minute while trying to understand how the target reacts. AI tools come in handy here! Because the attack is slowed down but persists over several days and weeks with spoofed IPs, none of the conventional security systems are effective.
How can you stop it? You can’t, using conventional tools provided by older companies like Cisco or an in-house network expert. You have to upgrade your knowledge and start using AI to defend.
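To make the pattern above concrete from the defender's side, here is an added example (not part of the original post) that runs a per-IP burst check and a long-window aggregate over the same login log. The log format, thresholds, addresses and events are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample_events():
    """Constructed log: (timestamp, source_ip, username, success)."""
    start, events = datetime(2018, 5, 1), []
    # Slow campaign: one failed login every 45 s for 3 days, each attempt
    # using a different source address and a different leaked username.
    for i in range(5760):
        ip = f"198.18.{i // 256}.{i % 256}"
        events.append((start + timedelta(seconds=45 * i), ip, f"leaked{i}", False))
    # Ordinary users: 50 accounts logging in every 30 minutes, 1 in 20 mistyped.
    for u in range(50):
        for k in range(144):
            ts = start + timedelta(minutes=30 * k, seconds=u)
            events.append((ts, f"192.168.1.{u}", f"user{u}", (u + k) % 20 != 0))
    return sorted(events)

def per_ip_burst(events, limit=5):
    """Per-source check: IPs with more than `limit` failures in one minute."""
    counts = defaultdict(int)
    for ts, ip, _user, ok in events:
        if not ok:
            counts[(ip, ts.replace(second=0, microsecond=0))] += 1
    return {ip for (ip, _minute), n in counts.items() if n > limit}

def slow_campaign_windows(events, window=timedelta(hours=6), min_users=100):
    """Long-window check: windows where failures span many distinct usernames."""
    first = events[0][0]
    users, ips = defaultdict(set), defaultdict(set)
    for ts, ip, user, ok in events:
        if not ok:
            bucket = (ts - first) // window  # index of the 6-hour window
            users[bucket].add(user)
            ips[bucket].add(ip)
    return [(first + b * window, len(users[b]), len(ips[b]))
            for b in sorted(users) if len(users[b]) >= min_users]

if __name__ == "__main__":
    log = build_sample_events()
    print("per-IP burst alerts:", per_ip_burst(log))
    for start, n_users, n_ips in slow_campaign_windows(log):
        print(start, "failed usernames:", n_users, "source IPs:", n_ips)
```

On this sample the per-IP check returns nothing, while every 6-hour window shows hundreds of distinct usernames failing from hundreds of distinct addresses.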