Ayisha Bari
This blog was updated on 1st November 2023
Being untraceable, untouchable, and ungovernable is a key part of the myth and mystique of ‘hackers’. Sure enough, the ability to hide has always been a central part of the hackers’ MO in both the physical and digital world. At Bulletproof, we’re no strangers to the insidious nature of hackers. We regularly analyse cyber attacks, the tools and techniques used and the motives behind them – and crucially, how this data can be used by our customers to implement better cyber defences. You can find out more about this in our 2023 State of Cyber Security Report.
Hackers use a variety of techniques to hide their activities and evade detection, making it challenging for the good guys to catch them, whether that’s law enforcement or security professionals. In this blog post I’ll explore some common techniques that hackers use to hide and let you know what you can do to protect yourself.
Hackers are continually finding new and more efficient ways to infiltrate systems, whether that’s buying a ready-made exploit on the dark web, innovating new security flaws, or using AI language models, such as ChatGPT, in phishing attacks. However, we also see hackers using the same methods time and again to break into systems that lack basic security. So, while cyber criminals do make use of sophisticated hacking techniques, they will first choose the path of least resistance. For example, hackers will often brute-force weak passwords to gain unauthorised access to a system, or use passwords scraped from previous data breaches. Quite often, and here’s a pro tip, the weakest part of your business’ security isn’t your tech, it’s your people. That’s just one of the reasons that security training is an overlooked superweapon in your defences.
Because hackers first look for an easy way in, it's up to organisations to cover the security basics. What this means is that for much of the time, hackers don’t need to go to great lengths to hide themselves because your business is in no state to detect or track them. In fact, if you’re not doing the basics, there’s a good chance you won’t even know you’ve been breached. It often surprises people when I tell them that sometimes hackers are in and out with no real need to obfuscate themselves at all. And whilst I’m here, you should be regularly looking for (and ideally, fixing) the holes that hackers will use to get in. I’m of course talking about penetration testing.
There are several baseline measures businesses can put into place, such as making sure software is up to date, using strong unique passwords, and being aware of common threats such as phishing emails. A good tip here is to make compliance work for you. A good one for the basics is Cyber Essentials. Not only does it make you do the security basics, stopping a lot of opportunistic attacks, but it’s also a business enabler. As well as showcasing your commitment to security to potential customers, Cyber Essentials Plus certification is also a pre-requisite for a lot of UK Government and public-sector contracts. That’s an easy win-win.
Encryption is a great way to make data unreadable, but that goes both for the good guys and the bad guys. By encrypting their communication and data, hackers can prevent others from intercepting and reading their messages. Encrypting data before they leak it is also a way hackers can bypass your security tools that are set to look for signs of corporate data leaving your organisation.
The biggest use of encryption from hackers is surely ransomware, where they encrypt your data and hold you to ransom for the decryption code. In this instance they’re hiding your own data from you! They hide themselves by using cryptocurrency as the extortion payment method, as cryptocurrencies are generally untraceable.
Steganography is a technique where hackers hide data or communication inside other files, such as images or videos. The hidden data can only be accessed with a special tool or key. What might look like a normal image file could actually contain command and control data for malware on your system. To protect yourself from steganography-based hacking attempts, be wary of downloading files or opening attachments from unknown sources. Use trusted endpoint software and - crucially - keep it up to date.
Obfuscation is a technique where hackers hide the true function of code or scripts by making them difficult to read. It might look like nonsense, or it might look like innocent behaviour. In some cases, the real functionality can only be understood when the code is run. Specialised code analysis tools, and more recently AI tools such as ChatGPT, are good at de-obfuscating code, but this relies on the potential threat being spotted before the code is run.
VPNs are another common tool that has a multitude of uses, both innocent and malicious. You might use a VPN to connect to your corporate infrastructure or have a VPN for home use to get around geographic content restrictions. Hackers can also use VPNs to hide their activities, such as concealing their IP address and location, making it more challenging to trace their activities.
Like a VPN, a hacker can use a proxy as an intermediary that sits between their device and the target. For example, a hacker might use a proxy server to send spam emails from a different IP address than their own, making it more challenging to trace the source of the emails. This is one of the reasons why hackers will try to attack any machine – even if it doesn’t contain valuable data, it still has a use for them in their illicit activities. This is also how many DDoS attacks are orchestrated.
Hackers are always getting smarter, and a recent trend is using off-the-shelf software instead of custom-crafted components. Bespoke software made by hackers leaves behind a digital fingerprint that can identify perpetrators, and as cyber criminals have started to be challenged by digital forensics, they have stopped using custom-built technology. Instead, they increasingly opt for open-source tools. These tools make it harder for criminal investigators to trace an attack because they are openly available and, in many cases, they are written by multiple contributors.
For example, Metasploit was initially built for use by ethical hackers to probe network and server vulnerabilities through pen testing. However, thanks to Metasploit’s adaptability and open-source nature, this tool has now been adopted by malicious hackers as well. Anyone can download open-source hacking tools and use them to identify and exploit weaknesses in a target’s system.
A while ago our Co-founder Oli Pinson-Roxburgh did a whole webinar about uncovering how hackers operate and hide. This video goes into a bit more detail than this blog and includes a great walkthrough of an attack in action.
Once hackers have gained access to a system they can sit for months or sometimes even years within the network using a stealth approach to avoid detection from scanning and monitoring software. For example, hackers will analyse and mimic authorised user behaviour, such as only probing the network during normal working hours. Hackers will also attempt to blend their activity with common network connections and protocols using domain name system ports to route fraudulent activity, disguised as seemingly harmless queries between public and private networks. In the case of business email compromise (BEC), this continuous access to a system can be very useful for exfiltrating data.
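The DNS blending described above can be hunted for in resolver logs. The following Python sketch is an added example, not from the original post: it flags clients that send many distinct long, high-entropy subdomains to one parent domain, a pattern that stands out even when the queries arrive during working hours. The log format, sample lines and thresholds are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log, one query per line: "<time> <client> <qname> <qtype>"
SAMPLE_LOG = """\
09:14:02 10.0.0.21 www.example.com A
09:14:05 10.0.0.21 mail.example.com A
09:15:40 10.0.0.21 assets-cdn-static-content-delivery.example.org A
10:02:11 10.0.0.37 0123456789abcdeffedcba9876543210.example.net TXT
10:02:41 10.0.0.37 1032547698badcfeefcdab8967452301.example.net TXT
10:03:11 10.0.0.37 fedcba98765432100123456789abcdef.example.net TXT
10:03:41 10.0.0.37 02468ace13579bdf13579bdf02468ace.example.net TXT
10:03:41 10.0.0.37 02468ace13579bdf13579bdf02468ace.example.net TXT
10:04:00 10.0.0.37 intranet.example.com A
"""

def entropy(text: str) -> float:
    """Shannon entropy in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def base_domain(qname: str) -> str:
    """Assumption: the last two labels are the registered domain.
    Production code should consult the Public Suffix List instead."""
    return ".".join(qname.split(".")[-2:])

def find_tunnel_candidates(log: str, min_unique=4, min_len=24, min_entropy=3.0) -> dict:
    """Return {(client, base domain): unique encoded-looking subdomains}."""
    seen = defaultdict(set)
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        _, client, qname, _ = fields
        qname = qname.rstrip(".").lower()
        base = base_domain(qname)
        prefix = qname[:-len(base)].rstrip(".")
        payload = prefix.replace(".", "")
        # Long, high-entropy prefixes look like encoded data, not hostnames.
        if len(payload) >= min_len and entropy(payload) >= min_entropy:
            seen[(client, base)].add(prefix)
    # One odd name is noise; many distinct ones to a single domain is a pattern.
    return {key: len(names) for key, names in seen.items() if len(names) >= min_unique}

if __name__ == "__main__":
    for (client, domain), count in find_tunnel_candidates(SAMPLE_LOG).items():
        print(f"{client} -> {domain}: {count} unique encoded-looking names")
```

The thresholds need tuning against your own baseline, since some legitimate services also generate long machine-made hostnames.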
Malicious actors lurking within an organisation are already authorised users within your perimeter, making it easier for them to go rogue with sensitive information and credentials. Disgruntled employees, or those who have been bribed or blackmailed by hackers from outside the company, could be tempted to leak sensitive information for personal or financial gain. This is arguably one of the most insidious ways hackers hide. After all, where better to hide than in plain sight? Sometimes the hacker isn’t a teenager in a hoodie on the other side of the world, it’s not a nation-state threat actor in a bunker... it’s the person sitting next to you in the office.
The great game of cat-and-mouse that is cyber security means that tactics and techniques are always evolving on both sides. When one door is closed, another is found. Hackers are not unintelligent or lazy, and complacency will get your business breached. But that doesn’t mean there aren’t effective, cost-efficient measures your business can take to stay secure. My best advice is to make sure you’re doing the basics, and here I specifically want to call out Cyber Essentials. It’s a fantastic universal security baseline. Beyond that, if you’re not making elemental efforts to find and manage your cyber threats – for example with penetration testing – then start ASAP. If you’re reading this and are in a more enterprise frame of mind, check out our blogs on how to get value from enterprise pen testing and getting the most out of pen test remediations.
The bottom line is, when hackers need to hide, they can be really good at it. The more you do up-front, the more effective you can be at dealing with problems. It applies to many things in life, and cyber security is no exception. Proactivity always makes your life easier in the long run.
Joe is a blogger and security evangelist who’s been raising the profile of cyber security for a decade. He writes about a variety of cyber and compliance topics, with a keen eye on translating events and data into valuable customer insights. Never boring, sometimes controversial, always insightful.