The digital footprint we leave today is evident, whether we like it or not. Between Twitter and Facebook (yes, LinkedIn counts), personal and business email addresses, and accounts with dozens of platforms and services, the online world builds an overall picture of us, one that hackers can paint without us even knowing.
Putting it all together is known as digital footprinting and is the first step towards hacking. Imagine it as homework for hackers: collecting and researching data. From footprinting, hackers can learn a great deal about an organization’s networks and their vulnerabilities. This allows them to find the best way to break into their target, whether it be for a Denial of Service attack, planting malware, or stealing valuable data.
There are many types of digital footprinting, numerous methods and tools, and even ethical footprinting. An awareness of all these approaches is crucial to strengthening your cybersecurity posture.
Types of digital footprinting
Passive footprinting
A hacker gathers information without any direct interaction with their target. Typically, they’ll use web crawlers and social networking sites, and they’ll monitor and track website traffic, online reputation and performance.
Active footprinting
The hacker will directly interact with their target to gather more information. Active footprinting methods include mirroring and web spidering tools, email tracking, and extracting metadata from published files. The risk here is that the hacker and their efforts might get detected, but to them the reward is still worth the risk.
What information are hackers getting from footprinting?
Essentially, hackers want to get as much information about your network as possible before they attack. Your DNS tables are searched for machine names, and public websites and anonymous FTP sites are accessed for the following golden pieces of information:
- Domains
- Subdomains
- IP addresses
- Whois and DNS records
- System information (including IDS and ACLs)
- Web server operating systems
- Server locations
- Users
- Passwords
- Organisation information
- Employee information
- Organisation’s background
- Phone numbers
- Locations
As you can imagine, this gives them a pretty comprehensive picture of your organization. But how do they get it?
How hackers perform footprinting
Port scanning
Hackers use a plethora of methods and reconnaissance tools for footprinting, but they’ll often start with port scanning. Port scanning quickly identifies live hosts, operating systems, and which TCP and UDP ports are listening. Just by having this information, hackers can plot the basic network diagram of their targets.
Whois and DNS footprinting
Next, they will add layers and detail to the network map using Whois and DNS interrogation tools. Whois databases fall into two categories: thick and thin. While the former contains data from all registrars, the latter only holds limited information. The DNS footprint provides a wealth of information about server types and locations.
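To see what your own DNS hands to an outsider, you can audit an export of your zone before someone else reads it. The sketch below is an added example, not part of the original article; the zone data is constructed, and the simple `name IN type rdata` line format, the `audit_zone` function and the keyword list are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed zone export for a made-up domain; all names and addresses are examples.
ZONE = """\
www.example.com.          IN A      203.0.113.10
vpn.example.com.          IN A      203.0.113.20
jenkins-dev.example.com.  IN A      10.1.4.17
db01.example.com.         IN A      192.168.50.5
mail.example.com.         IN HINFO  "INTEL-X86" "LINUX"
example.com.              IN TXT    "v=spf1 ip4:203.0.113.25 -all"
"""
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumed keyword list; extend it with your own naming conventions.
ROLE_HINTS = re.compile(r"vpn|dev|test|staging|admin|jenkins|db|backup")

def audit_zone(zone_text):
    """Return (name, finding, detail) for records that tell an outsider too much."""
    findings = []
    for line in zone_text.splitlines():
        parts = line.split(None, 3)
        if line.startswith(";") or len(parts) != 4 or parts[1] != "IN":
            continue  # comment, blank or unsupported line
        name, _, rtype, rdata = parts
        if rtype == "A":
            try:
                ip = ipaddress.ip_address(rdata.strip())
            except ValueError:
                continue
            if ip.version == 4 and any(ip in net for net in RFC1918):
                findings.append((name, "internal-address", str(ip)))  # maps the LAN
        elif rtype == "HINFO":
            findings.append((name, "platform-disclosed", rdata.strip()))  # CPU and OS
        hint = ROLE_HINTS.search(name.split(".", 1)[0].lower())
        if hint:
            findings.append((name, "role-in-hostname", hint.group(0)))
    return findings
```

Each finding is a candidate for moving to internal-only (split-horizon) DNS or renaming to something less descriptive.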
Ping Sweep
In addition to tracing IP addresses on any size network, ping sweep tools such as Nmap and Traceroute reveal the types and locations of firewalls used, as well as the services of hosts.
Email and web footprinting
You’d be surprised at the amount of detail email and website footprinting can give to a hacker. Email headers include the IP/email address of the sender, mail server, the mail server authentication system, and timestamps of emails. Website footprinting, meanwhile, gives information about subdirectories, scripting platforms, and query details.
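To check what your own outbound mail discloses, send a message to an external mailbox and read its headers the way an outsider would. The sketch below is an added example, not part of the original article; the sample message is constructed, and `audit_headers` and `is_rfc1918` are hypothetical helper names.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message; every host, address and product name is made up.
SAMPLE = """\
Received: from mail.example.com (mail.example.com [203.0.113.25])
    by mx.recipient.example with ESMTPS id abc123;
    Tue, 02 Jan 2024 10:15:32 +0000
Received: from WS-FINANCE-07 (unknown [10.20.30.41])
    by mail.example.com with ESMTPSA id 4F2A1;
    Tue, 02 Jan 2024 10:15:30 +0000
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=example.com;
    dkim=pass header.d=example.com
From: Alice <alice@example.com>
To: bob@recipient.example
X-Mailer: ExampleMail 4.2

Body text.
"""
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.version == 4 and any(ip in net for net in RFC1918)

def audit_headers(raw):
    """Return what the headers of one outbound message disclose to its recipient."""
    msg = message_from_string(raw)
    auth = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", msg.get("Authentication-Results", ""))
    report = {"hops": [], "internal": [], "auth": dict(auth), "client": msg.get("X-Mailer")}
    for hop in msg.get_all("Received", []):
        text = " ".join(hop.split())  # undo header folding
        host = re.match(r"from (\S+)", text)
        addr = re.search(r"\[([0-9a-fA-F.:]+)\]", text)
        host, addr = (m.group(1) if m else None for m in (host, addr))
        try:  # the hop's timestamp follows the last ';'
            when = parsedate_to_datetime(text.rpartition(";")[2].strip())
        except (TypeError, ValueError):
            when = None
        report["hops"].append((host, addr, when))
        # An RFC 1918 address here is an internal workstation or relay leaking out.
        if addr and is_rfc1918(addr):
            report["internal"].append((host, addr))
    return report
```

Entries under `internal` and `client` are the ones to strip at the outbound mail gateway, since they expose workstation names, internal addressing and software versions.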
Google hacking
With the addition of Google hacking, which involves complex searches and queries, a hacker has all the information about their target’s vulnerabilities and the best way to attack.
Ethical footprinting and why you need to do it
Much like penetration testing, ethical footprinting and hacking give you accurate insight into your cybersecurity posture and minimize your risk.
To be clear, this isn’t a case of trying to get hacked and seeing how the system fares. Instead, this is a professional performing end-to-end digital footprinting on your organization exactly as a hacker would, without the negatives of malicious hacking. From this cybersecurity exercise, you will immediately see the publicly available network information and the online behavior traits that may threaten your business. This is the critical stuff that you should and want to know. You will be able to spot the weaknesses in your systems, make a fix, and then stress test it before anything serious happens.
Ethical hacking, such as ENHALO’s Digital Footprint Reconnaissance, also empowers businesses in other ways. Through profiling an individual’s digital footprint, using open-source, deep web, and dark web intelligence, new hires can be checked to see if they’re the right fit, and partnership conflicts can be identified prior to a merger.
How to prevent footprinting
Identifying risk areas can often serve as a springboard for broader business changes.
- Using a VPN, alternative browsers (like Tor) with specific restrictive settings enabled, and TCP/IP and IPSec protocols might be the better, more efficient and sensible choice for your business.
- More significant efforts to educate employees on steps to minimise their digital footprints might finally be justified, invested in and actioned. Because employees are often the weakest link in the cybersecurity chain, ongoing training on security for the business and themselves should be at the top of the list for new and existing employees.
Digital footprinting is a clever, detective-like method of investigating an organization or individual. In order to compete, we need to “get there” faster than the hackers, as the methods get savvier and our footprint increases.