Google Dorking: Feds Warn Against Malicious Cyber Actors
Three federal agencies have issued a warning that malicious cyber actors can use advanced search techniques to discover sensitive information on websites.
Three federal agencies have issued a warning that malicious cyber actors can use advanced search techniques to discover sensitive information on websites.
The Department of Homeland Security, the FBI, and the National Counterterrorism Center have issued a warning against the perils of “Google dorking,” or the practice of utilizing a detailed set of search parameters to locate sensitive information or other website vulnerabilities. So reports Computerworld.
As a result, Public Intelligence, the research project that says it “[aggregates] the collective work of independent researchers around the globe who wish to defend the public’s right to access information,” has posted the release on its website.
Examples in the release include:
Public Intelligence provides this query example: “sensitive but unclassified” filetype:pdf site:publicintelligence.net.
Webmasters or consumers simply searching for specific information are not doing anything wrong. For example, readers who want to search for an exact topic on ClickZ.com can enter a query similar to the one below:
According to Public Information, the bulletin clearly outlines what types of information cyber hackers are looking for and how they are able to locate it:
By searching for specific file types and keywords, malicious cyber actors can locate information such as usernames and passwords, e-mail lists, sensitive documents, bank account details, and website vulnerabilities. For example, a simple “operator:keyword” syntax, such as “filetype:xls intext:username,” in the standard search box would retrieve Excel spreadsheets containing usernames.
In August 2011, cyber hackers were able to locate a sensitive File Transfer Protocol server at a university and obtain personal information for more than 40,000 faculty members, staff, students, and alumni.
And, in October 2013, hackers were able to compromise 35,000 websites by searching for vulnerable software identities and creating new administrator accounts for the websites.
There is both good and bad that can come from a tool like Search Diggity, which performs automated Google dork queries. It can be used by webmasters to protect sites, but can also be used by hackers to find ways to expose vulnerabilities.
According to Computerworld, Search Diggity is the “primary attack tool of the Google Hacking Diggity Project.”
As frightening as this may sound, the Department of Homeland Security provides the following tips for protecting a website from cyber attacks: