Hacker types, tools and techniques
It all starts with an idea that evolves into a concept, and if you’re lucky, you will see that idea turn into a product. If you’re unlucky, and that is often the case, that concept will be stolen and produced in China.
How data is stolen
The hacker first identifies the target: either a specific one (a company), or he scans a range of internet-connected computers for vulnerabilities. Vulnerable targets typically run older versions of Windows or other older, unpatched software.
With a target identified, the hacker finds the weakest link within the company (receptionist, new employees, etc.) and tailors an email to that person using social engineering techniques. The email convinces the person that it’s legitimate and usually contains an infected PDF file or a link to a site with malware.
The weak link opens this email, which might look like a normal invoice with a PDF attachment, downloads the PDF, and opens it. When the PDF is opened, the malware attached to it is installed and starts to spread within the company network. The malware is designed to exploit a security hole in either Windows or other software running on it. Now the hacker is in.
Data is either stolen instantly, and the hacker removes all traces of the breach, or the hacker leaves the malware running within the company for a longer period. There are instances where malware has been running within a company for years, each day collecting classified information and sending it to the hackers’ servers.
A reaction too late
Antivirus programs offer reactive security; they need to know what they are looking for to be able to find and eradicate it. As such, no antivirus program can be 100% effective: hackers are constantly analyzing antivirus programs to find ways around their detection.
Our solution: Proactive Security
Bitidentify uses Proactive Security rather than reactive security; we built our system around never having your data connected to the internet. If a hacker can’t see your data, it can’t be stolen or even targeted for attempted hacking. This is Proactive Security at its finest.
The core of our system is a bare-bones Linux OS (Host) that uses virtualization technology to run two instances of Windows (Guests) on top of it. The Guests are the Open and Secure Machines:
- Open Machine is connected to the internet like a normal PC.
- Secure Machine is isolated from the internet and used for classified information only.
The user works with confidential data on the Secure Machine and switches to the Open Machine when internet access is needed.
By using virtualization technology, we can offer features normally not available on a standard computer:
- Ability to completely remove any virus or malware with our unique Restore-function
- Ability to control all USB devices connected to the computer; devices have to be registered with the specific computer to work
- Running Windows OS with the security of the Linux OS