These Cyber Security Hunters Give ‘Cyber Stalking’ a Whole New Meaning
September 20, 2016
True or false: There is no way to tell if you’re being targeted for a hack attack or data breach until it actually happens. Answer: False. There are ways to tell if you’re being targeted before the fact, or at least to catch the hackers extremely early in the game, before any measurable damage has been done. It just takes a few mad skills and a lot of gumption to do so. Some organizations do it in-house, others hire managed service providers to do it for them, but still more go completely without this measure of protection.
Not Just Cyber Security as Usual
Most IT security involves some basic tools like firewalls, anti-malware software, and perhaps some prayers. That’s why most of the database breaches you read about went undetected for weeks, sometimes months, and occasionally years. Even when these security solutions do work, they depend on sending alerts to IT managers, who then have to comb through the data to determine if the anomaly is, in fact, an indication of a breach. Once that’s determined, the IT manager has to launch an investigation, which takes considerable time and effort. In the meantime, some hacker is headed out the virtual back door with all your sensitive data.
There is a better way, though it isn’t easy, isn’t cheap, and few are utilizing it. It’s called cyber hunting. Cyber hunters, like those in the real world, don’t wait for prey to come trotting by. They go after them. It’s a means of proactive security that involves vigorous monitoring of systems (which requires a high degree of visibility into the IT environment). But it doesn’t stop at the network’s borders.
Cyber Hunters (No, It Isn’t a New Reality Show)
Cyber hunters track hackers where they lurk: setting traps, collecting evidence of past, current, and impending attacks, and pursuing the attackers. In many cases, these hunters pretend to be hackers themselves, thereby gaining access to the tools and techniques that the cutting-edge hackers intend to use on vulnerable IT systems. With the information they gather from the field, cyber hunters can develop better tools to prevent future hacks, and can often identify targets before they are breached, which means they can strengthen defenses and protect those systems against the latest methods of attack.
Often, cyber terrorist groups and conglomerations of hackers make their plans known before an attack. For example, groups like Anonymous have been known to post about their intentions on Twitter before targeting an organization or its systems. Others aren’t so mainstream about it, but still do some boasting and bragging, along with some research and preparation, in the cyber underground, called the Dark Web.
Just like with any major undertaking, hackers have to practice their techniques, hone their tools, and prepare to breach a well-protected target, such as a notable Fortune 500 company, a highly-regarded healthcare organization, or a powerful world government. By going underground, cyber hunters can learn about these nefarious plans ahead of time, and in some cases, can either stop the attack or help catch the perpetrators. Some cyber hunters work for government agencies, others work for managed service providers or private firms. A select few work for specific companies with their in-house IT teams.
Cyber Hunting Involves On-Premises Work Plus Investigation in the Field
Cyber hunting involves a one-two punch of hearty systems monitoring, plus a proactive approach of hunting down and thwarting cyber criminals where they are. The problem is, though most organizations are aware of these tools and techniques, few are utilizing them. It’s expensive. It’s time-consuming. It requires significant skills and training that not all IT departments have on hand. And, let’s face it, cyber threats don’t happen every day, while ordinary, mundane IT responsibilities do. Sometimes it’s just a matter of being too busy with the laundry and dishes to notice someone carrying the flat screen TV out the front door.
If you see the value of cyber hunting, but don’t have the skills, the time, or the funds to do it, a managed service provider can help. You can learn more about protecting your valuable IT infrastructure from intruders when you buy the book ‘Easy Prey: How to Protect Your Business From Data Breach, Cybercrime and Employee Fraud’.