Smart attackers want to remain as low-key as possible. Covering their tracks is a priority, and many times their success depends on them remaining unnoticed. They want to avoid raising suspicion so they can come back and access the systems in the future. Hackers often remain anonymous by using one of the following resources:
- Borrowed or stolen remote desktop and VPN accounts from friends or previous employers
- Public computers at libraries, schools, or kiosks at the local mall
- Open wireless networks
- Internet proxy servers or anonymizer services
- Anonymous or disposable e-mail accounts from free e-mail services
- Open e-mail relays
- Infected computers — also called zombies or bots — at other organizations
- Workstations or servers on the victim’s own network
If hackers use enough stepping stones for their attacks, they are hard — practically impossible — to trace. Luckily, one of your biggest concerns — the malicious user — generally isn’t quite as savvy. That is, unless the user is an actual network or security administrator.