Why Clean-up Hacking?
by Brent Kirkpatrick
(Date Published: 2/23/2018.)
Hackers do not always install machine code on the hard drive of a computer while gaining access. Sometimes they gain run-time access without installing anything. Clean-up also involves removing this type of unauthorized access.
Digital forensics is one way to proceed with clean-up. Administrators can wait until it is easy to find digital evidence of hackers' activities before they work to limit hackers' access. Unfortunately, a significant amount of hacking is not detectable with standard digital forensics methods.
Detection typically drives clean-up. Detection is a lite form of digital forensics: its methods look for strange activities on a computer. When a detection method decides there is sufficient strangeness, administrators start clean-up procedures.
defendIT. AI-driven security measures derived from security incident data.