Skip to main content

Hackers are masters of deceptive tactics, says Kaspersky Lab

One of the main reasons why hackers and other malicious actors are so hard to locate is not the fact they're really good at hiding their location – it is because they're exceptional when it comes to faking things. They fake their locations, their working hours, language, infrastructure, toolkits – even their own groups. Hackers are going extreme lengths to make sure people looking for them are actually in for a wild goose chase.  These conclusions were released by security researchers at Kaspersky Lab, which tried to tackle the issue of misleading both victims and security researchers. 

“The attribution of targeted attacks is complicated, unreliable and subjective – and threat actors increasingly try to manipulate the indicators researchers rely on, further muddying the waters. We believe that accurate attribution is often almost impossible,” said Brian Bartholomew, Senior Security Researcher at Kaspersky Lab.  

“Moreover, threat intelligence has deep and measurable value far beyond the question ‘who did it’. There is a global need to understand the top predators in the malware ecosystem and to provide robust and actionable intelligence to the organisations that want it – that should be our focus.” 

Things like timestamps, or language markers, even though they could be a valuable asset for finding hackers, are easily manipulated. Infrastructure and backend connections can be used to find their location, but only if they fail to properly anonymise their internet connections. 

And finally, tools. Some use publicly available ones, while others go for their own, custom-built. Those custom-built can be used to backtrack some malicious actors. Kaspersky Lab’s full report on the issue can be found on this link (opens in new tab).

Image Credit: Brian Klug / Flickr

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.