The thing about tracking software and private corporations
When we are asking some private operator work for our data security, we must realize that those corporations are not always what they claim. That means that sometimes those operators have not able to check the identities of their workers, and here I mean cases where the private operator takes the foreign citizens in their team.
Private corporations have not the same abilities to check backgrounds of their workers than governments have, and sometimes they are facing the situation, that they must hire somebody, and there are only a few suitable coders. In that case, there are only a couple of coders, who has the necessary skills, and then the corporation must make so-called fast recruitment.
In fact in the world of data security, the problem is, that if something reads in the CV that would mean nothing. If the person says that the job is done by using some programming language, that would mean, that this inmate has done anything. And there have been cases, that some "programmer" would be ordered the codes from some friends, and this is the problem for the data security. Those people can call to somebody, who will send the code to the Email, and then they might send the malware accidentally.
One way to make malware, what can pass the firewall is to send the source code by using PDF of some other file, and after that, the contact person just copy-pastes the source code to the program editor, and then the thing is ready. Pressing Ctrl+A and Ctrl+V is very good to take the source code from the document, and then just pressing Ctrl+V the code would be copied to the editor. After that, the user must only create the file, what is able to run and then the software is ready for the run.
Innocence is a pretty thing
Sometimes we are thinking that some persons are safe because they have limits. This thing is not actually true, because modern electronic equipment has given a chance to make flexible and easily portable screens and communication devices. In fact, even the person, who has ever made code or even opened a computer before can hack by using modern equipment. in this case, the person wears only the action camera, what is in the headset, and mobile telephone. The action camera is connected to the Internet by the mobile telephone, and another telephone can be on the table, and the hacker can send messages, what the operator who is in the house must do.
Or if the team wants to get the feeling of what is a very well known thing from some actions movies, they can use smart glasses, and the hacker can write commands to that screen and follows the things, what is going on the computer screen by using this "remote eye". And on the passage would be the remote camera, what warns the inner operator about the quests like security operators. That camera can be connected to the drone, what just flies out from the window when the operator is gone.
And then the hacker would give the instructions to that person by telling, what must be done. Or if the person, who operates uses the screen like smart glasses, the thing goes more easily, because the hacker can write commands and send them to that screen. Of course, a normal mobile telephone can be done with that and the hacker who watches the screen of the computer from somewhere in distance must only give the person, who operates inside the instructions by using Whatsapp or some other social media solution. In this case, the person, who is in the building is operating as the "human robot".
In those cases, there might be a very big risk, that something disappears, and that "something" might be the source code of the tracking tools of that company. This kind of things is really bad things because by using those code lists the hackers can modify the code, and then make own versions of that malware. This means that the malware maker just renames the program, and changes the addresses, where the system would send the data, and that thing might cause a massive data leak.
This kind of attacks needs the contact person, who has access to the system as the superuser. And in fact, even a handicapped person can make those things, if that person gets the instructions. When we are thinking about the "human robot", we can give that inmate the action camera, and mobile telephone, and then we can give the instructions by using Whatsapp, and that is the situation, what has ever mentioned.
When we are asking some private operator work for our data security, we must realize that those corporations are not always what they claim. That means that sometimes those operators have not able to check the identities of their workers, and here I mean cases where the private operator takes the foreign citizens in their team.
Private corporations have not the same abilities to check backgrounds of their workers than governments have, and sometimes they are facing the situation, that they must hire somebody, and there are only a few suitable coders. In that case, there are only a couple of coders, who has the necessary skills, and then the corporation must make so-called fast recruitment.
In fact in the world of data security, the problem is, that if something reads in the CV that would mean nothing. If the person says that the job is done by using some programming language, that would mean, that this inmate has done anything. And there have been cases, that some "programmer" would be ordered the codes from some friends, and this is the problem for the data security. Those people can call to somebody, who will send the code to the Email, and then they might send the malware accidentally.
One way to make malware, what can pass the firewall is to send the source code by using PDF of some other file, and after that, the contact person just copy-pastes the source code to the program editor, and then the thing is ready. Pressing Ctrl+A and Ctrl+V is very good to take the source code from the document, and then just pressing Ctrl+V the code would be copied to the editor. After that, the user must only create the file, what is able to run and then the software is ready for the run.
Innocence is a pretty thing
Sometimes we are thinking that some persons are safe because they have limits. This thing is not actually true, because modern electronic equipment has given a chance to make flexible and easily portable screens and communication devices. In fact, even the person, who has ever made code or even opened a computer before can hack by using modern equipment. in this case, the person wears only the action camera, what is in the headset, and mobile telephone. The action camera is connected to the Internet by the mobile telephone, and another telephone can be on the table, and the hacker can send messages, what the operator who is in the house must do.
Or if the team wants to get the feeling of what is a very well known thing from some actions movies, they can use smart glasses, and the hacker can write commands to that screen and follows the things, what is going on the computer screen by using this "remote eye". And on the passage would be the remote camera, what warns the inner operator about the quests like security operators. That camera can be connected to the drone, what just flies out from the window when the operator is gone.
And then the hacker would give the instructions to that person by telling, what must be done. Or if the person, who operates uses the screen like smart glasses, the thing goes more easily, because the hacker can write commands and send them to that screen. Of course, a normal mobile telephone can be done with that and the hacker who watches the screen of the computer from somewhere in distance must only give the person, who operates inside the instructions by using Whatsapp or some other social media solution. In this case, the person, who is in the building is operating as the "human robot".
In those cases, there might be a very big risk, that something disappears, and that "something" might be the source code of the tracking tools of that company. This kind of things is really bad things because by using those code lists the hackers can modify the code, and then make own versions of that malware. This means that the malware maker just renames the program, and changes the addresses, where the system would send the data, and that thing might cause a massive data leak.
This kind of attacks needs the contact person, who has access to the system as the superuser. And in fact, even a handicapped person can make those things, if that person gets the instructions. When we are thinking about the "human robot", we can give that inmate the action camera, and mobile telephone, and then we can give the instructions by using Whatsapp, and that is the situation, what has ever mentioned.
Comments
Post a Comment