A sobering fact for security professionals the world over is that even the most robust security implementation can be defeated by human error. Whether accidental or deliberate, malicious or not, human-caused network breaches mandate a consideration of hacker reconnaissance as a key element in successful penetrations. As such, any examination of a system’s attack surface must include human error vectors alongside potential holes or errors in application code that could create paths leading hackers in, and your (formerly) confidential data out.
Seemingly innocuous internet forum posts and inquiries made by employees can provide a rich vein of information for hackers to mine for attack vectors. Search engines are as valuable to hackers as they are to consumers shopping for a car or students researching clues about a sunken ship. Google’s perpetually growing indexes and archives can be, and are, exploited by those with darker intentions, who can easily query them for vulnerabilities in web applications.
Here are a few pieces of information hackers can easily locate and examine to devise attack strategies against your company:
Private Info in Public
Hackers can launch social engineering attacks given excessive personal information contained within archived news articles or domain registrations.
Our societal predilection to over-share to the anonymous internet can come back to haunt us if we vent about frustrations at home, or at work, or specifically at the problems currently vexing your company’s system.
IT employees often post on public boards, soliciting feedback on technical issues or system errors, giving ripe opportunity for hackers to deduce weak spots in the system.
Caught in the Spider’s Web
Along with your blog post of Grandma’s “secret” cookie recipe, search engines capture, forever remember and redistribute all manner of information. SQL, syntax and a variety of other error pages are ensnared and cached by the web spider as well, and can potentially be used to identify security issues on target systems.
Armed with this freely given information, hackers can then move on to service fingerprinting and port scanning to further identify the attack surface, usually employing automated scans for a first-pass attempt. With sufficient, accurate knowledge collected from their reconnaissance, a hacker could then initiate a successful manual attack on the targeted server.
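A defender-side check for the cached error pages described under “Caught in the Spider’s Web”, added here as an example and not part of the original article: it scans response bodies from your own site for verbose error output before a crawler can index it. The signature list, the `audit` function and the sample pages are constructed assumptions.

```python
import re

# Signatures of verbose error output that should never reach a public page.
# Illustrative assumptions, not an exhaustive list.
SIGNATURES = {
    "sql_error": re.compile(
        r"SQL syntax|ORA-\d{5}|SQLSTATE\[|unterminated quoted string", re.I),
    "stack_trace": re.compile(
        r"Traceback \(most recent call last\)|^\s+at [\w.$]+\(.*:\d+\)", re.M),
    "file_path": re.compile(
        r"(?:[A-Z]:\\|/(?:var|home|usr|srv|opt)/)[\w./\\-]+"
        r"\.(?:php|py|rb|java|aspx?|inc)", re.I),
    "version_banner": re.compile(
        r"\b(?:Apache|nginx|PHP|Tomcat|IIS)/\d+(?:\.\d+)+", re.I),
}

# Constructed sample responses, keyed by the URL path that returned them.
PAGES = {
    "/item": "<h1>Error</h1>You have an error in your SQL syntax "
             "near line 1 in /var/www/shop/item.php",
    "/report": 'Traceback (most recent call last):\n'
               '  File "/srv/app/report.py", line 12, in run\n'
               "KeyError: 'user'",
    "/missing": "<h1>404 Not Found</h1><hr>"
                "<address>Apache/2.4.41 Server</address>",
    "/about": "<h1>About us</h1><p>We bake cookies.</p>",
}


def audit(pages):
    """Return {url: [(signature_name, matched_text), ...]} for leaking pages."""
    findings = {}
    for url, body in pages.items():
        hits = []
        for name, pattern in SIGNATURES.items():
            match = pattern.search(body)
            if match:
                hits.append((name, match.group(0).strip()))
        if hits:
            findings[url] = hits
    return findings


if __name__ == "__main__":
    for url, hits in audit(PAGES).items():
        for name, text in hits:
            print(f"{url}: {name}: {text}")
```

Pages that are flagged should be replaced with a generic error response, with the detail logged server-side only.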