November 30, 2017

How to catch a hacker – Fishing out the cyber-criminals

Today malware attacks are so common that they rarely make front-page headlines.

By Ellie Burns

Adware, spyware, zombie computers and ransomware all find new ways of sliding under our protective devices’ radars – some even worry that our fridges will soon be threatened by these attacks. There is a constant need to adopt new approaches and find new solutions for countering cyber attacks.

As cloud hosting providers, at OVH we consider it to be our mission to actively fight the proliferation of malware, including ransomware. To catch the perpetrators of this modern banditry, we must develop and adopt new approaches to outsmart these criminals, with techniques that combine computer science, reverse engineering and of course police investigation. Here are a few of the techniques we’ve used:

 

A taste of honey: attracting malware and spam

A very effective way for cloud hosting providers to catch cybercriminals online is to intentionally place honeypots – easily hackable and spammable machines – on our networks. By purposely releasing thousands of valid email addresses or even proper domain names on forums and other online platforms, we bait the spammers and hackers to come and try to do their worst and leave a trace of it. This allows us to do many useful things: we can analyse new ways to infect devices, identify current malware campaigns and, of course, test and develop ways to counter all of them.
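The bait-address idea above can be sketched as follows. This is an added example, not OVH's code: each published address is derived from the place it was posted, so mail arriving at a trap shows where it was harvested, and the URL hosts in that mail group messages into campaigns. The secret, the `trap.example` domain, the placement labels and the sample messages are all constructed for illustration.

```python
import hashlib
import hmac
import re
from collections import defaultdict
from email import message_from_string
from urllib.parse import urlparse

SECRET = b"constructed-demo-key"   # assumption: per-deployment secret
TRAP_DOMAIN = "trap.example"       # assumption: domain reserved for bait addresses
PLACEMENTS = ["forum-a", "forum-b", "paste-site"]  # constructed labels


def mint_trap_address(placement: str) -> str:
    """Derive a bait address that is unique to the place it is published."""
    tag = hmac.new(SECRET, placement.encode(), hashlib.sha256).hexdigest()[:12]
    return f"info.{tag}@{TRAP_DOMAIN}"


def group_by_campaign(raw_messages, placements):
    """Map each URL host seen in trap mail to the placements it was harvested from."""
    by_address = {mint_trap_address(p): p for p in placements}
    campaigns = defaultdict(set)
    for raw in raw_messages:
        msg = message_from_string(raw)
        placement = by_address.get((msg["To"] or "").strip().lower())
        if placement is None:
            continue  # not sent to an address we minted: ignore
        for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
            campaigns[urlparse(url).hostname].add(placement)
    return {host: sorted(found) for host, found in campaigns.items()}


# Constructed sample mail: two messages share a host, one goes to a non-trap address.
SAMPLE_MAIL = [
    f"From: a@sender.example\nTo: {mint_trap_address('forum-a')}\n"
    "Subject: Invoice\n\nOpen http://files.bad.example/inv.doc today\n",
    f"From: b@sender.example\nTo: {mint_trap_address('paste-site')}\n"
    "Subject: Invoice\n\nSee http://files.bad.example/inv2.doc today\n",
    f"From: c@sender.example\nTo: {mint_trap_address('forum-b')}\n"
    "Subject: Sale\n\nVisit https://shop.other.example/deal today\n",
    "From: d@sender.example\nTo: someone@elsewhere.example\n"
    "Subject: Hi\n\nhttp://ignored.example/x\n",
]

if __name__ == "__main__":
    for host, seen in group_by_campaign(SAMPLE_MAIL, PLACEMENTS).items():
        print(host, "harvested from", seen)
```
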

Watch and learn: the power of reverse engineering

As cloud hosting providers, our priority is and will always be our clients. We will always do everything in our power to protect the data that has been entrusted to us. However, there are cases when, having identified a server distributing malware, we may not immediately take it down in order to collect precious information.

Like any police work, tracking down cyber-criminals requires collecting solid evidence, and this process can take a while. As we previously mentioned, when the authors of these attacks target their prey online, they leave digital footprints that can be followed back to the source. Once a malware campaign is identified, a real hunt is set in motion to find out who is behind it before the URLs become invalid.

This is where reverse-engineering comes in. Identifying and monitoring a malware campaign doesn’t mean that we let them do their thing and chase them afterwards. The aim of the game is to understand what sort of malware it is, how it is being used, and put a stop to it before it can even be set free.


Cutting out the human error: educating users to be vigilant

Technology and engineers may be brilliant for stopping cyber-criminals, but educating people about the risks they face on the Internet could limit the effect of most attacks. Perhaps surprisingly, in today’s digital age, good old email is still the main source of infection, even though devices can also be infected via ads or through a software coding vulnerability that weakens their defences. A lot of damage could be avoided if admins encouraged people to strengthen their passwords, update software and not click on random links in emails. Hackers are still people like you and me: they’ll always aim for the obvious vulnerabilities – we need to cut the human error out of the equation and add in vigilance.

These are just a few examples of how OVH identifies and fights cyber-criminals in order to protect our own data and, above all, our customers’ data. However, as technology advances and changes, so will the ways hackers direct attacks at an ever-increasing number of devices. Cloud hosting providers have to adopt a pro-active approach so that no cracks in our armour are left unattended and the fish cannot escape with the worm.

 
