What is Google dorking? Simply put, it’s using Google’s advanced search-engine features to find detailed information about websites and computer networks. Because Google’s algorithm indexes huge amounts of information, Google dorking can be a very effective method for learning about a company’s computer network, including the type of information that could allow a hacker easy access to your trade secrets.

Recently, the DOJ brought charges against hackers who were allegedly working with the Iranian government to carry out cyber attacks on various U.S. companies. One of the hackers is charged with accessing the computer network that controls a dam in New York. According to a Wall Street Journal article, the hacker was able to use Google dorking to discover a vulnerable computer, which he hacked into to gain access to the dam’s control systems. Apparently, he had been using Google for months to find vulnerable industrial-control systems.

The WSJ article observes that many companies are unknowingly subjecting themselves to these types of hacking risks, including by connecting outdated infrastructure systems to the internet:

Companies, often against the advice of hacking experts, increasingly have brought such systems online as a way to add “smarts” to U.S. infrastructure. But older systems can have weaknesses that can readily be found through Google dorking, and then exploited, experts said.

It is a very bad idea to connect anything to your company’s network without knowing the implications for network security. The dam-hacking episode shows how easily a bad actor can take advantage.

Google dorking can also help companies identify hacking risks. A company can, and should, “dork” itself, to look for inadvertent or unknown security lapses. Be sure to work with your IT team to make sure that your company is not susceptible to a dork’s hack.
